Microsoft has responded to public criticism of its User Account Control (UAC) system, and has confirmed that it will not classify the reported issue as a security vulnerability.
"The intent of the default configuration of UAC is that users do not get prompted when making changes to Windows settings," a company representative told vnunet.com. "This includes changing the UAC prompting level."
The statements follow a blog posting by researcher Long Zheng, who suggested that the warning features in UAC could be bypassed and even disabled by malicious code.
Microsoft pointed out that an attacker would have to had compromised a system already in order for this to happen.
"The only way this could be changed without the user's knowledge is by malicious code already running on the box," the representative told vnunet.com.
"In order for malicious code to have gotten on to the box, something else has already been breached (or the user has explicitly consented)."
Zheng issued a second blog posting on Saturday addressing Microsoft's statements. "Microsoft's argument is entirely based on the user, which I agree to an extent. They have to download and execute such an application, but this can be a low-privileged application so it would have no warnings whatsoever," he wrote.
"How could a low-privileged application being able to turn off the entire privileged applications security layer not be a security flaw? Let me repeat: a low-privileged application. Some people seems to have missed that."
Microsoft declined to comment on whether Zheng's suggestions would be adopted or ignored, but a spokesperson told vnunet.com: "Microsoft has received feedback on UAC prompting behaviour, and has made changes in accordance with user feedback."
RAND claims AI could enhance strategic stability by improving accuracy in intelligence collection and analysis
How NoSQL database technology and IoT sensors are being put to work saving endangered elephants and tigers
MarkLogic's David Northmore reveals how Dutch social enterprise Sensing Clues is using the latest technology to track poachers and protect endangered species
TSB IT fiasco has "all the hallmarks of an IT meltdown", claims Treasury Committee chair Nicky Morgan MP
The first appeals over Apple's Irish taxes will take place in the autumn, confirms Ireland's finance minister