Microsoft has clarified its position on the widely publicised User Account Control (UAC) issue in Windows 7, insisting that calling it "not a vulnerability" did not mean the company was not taking the matter seriously.
On the ever-excellent Engineering Windows 7 blog, Jon de Vaan addresses the reported finding that a script already running on a Windows 7 PC could switch UAC off entirely, leaving the machine exposed.
"Some people have taken the 'it's not a vulnerability' position to mean we aren't taking the other parts of the issue seriously," he clarifies. "Please know we take all of the feedback we receive seriously."
De Vaan points out the tension inherent in making UAC less intrusive in Windows 7 than the much-disliked Vista version while keeping it central to the system's security:
"UAC is one of those features that has a broad spectrum of viewpoints with advocates staking out both "ends" of the spectrum as well as all points in between, and often doing so rather stridently," blogs de Vaan.
"In this case we might represent the ends of the spectrum as "security" on one end and "usability" on the other. Of course, this is not in reality a bi-polar issue. There is a spectrum of perfectly viable design points in between.
"Security experts around the world have lived with this basic tension forever, and there have certainly been systems designed to be so secure that they are secure from the people who are supposed to benefit from them.
Secure by default
De Vaan insists that it is imperative that Windows 7 is 'secure by default'.
"Windows 7 upholds those principles and does so with a renewed focus on making sure everyone feels they are in control of their PC experience as we have talked about in many posts.
"There has been no report of a way for malware to make it onto a PC without consent.
"All of the feedback so far concerns the behavior of UAC once malware has found its way onto the PC and is running.
"Microsoft's position that the reports about UAC do not constitute a vulnerability is because the reports have not shown a way for malware to get onto the machine in the first place without express consent.
"…By any definition that is generally accepted across the world wide security community, the recent feedback does not represent a vulnerability since it does not allow the malicious software to reach the computer in the first place.
Microsoft's focus has been on stopping malware from reaching the PC in the first place, de Vaan adds, while arguing that this does not mean UAC offers no resistance once those outer defences have been breached.
"In Windows 7 we have continued to focus on improving the ability to stop malware before it is installed or running on a PC.
De Vaan stresses that users should understand UAC is a notification mechanism and not a 'security boundary' (in Microsoft's usage, a boundary is something whose bypass is treated and serviced as a security vulnerability).
"One important thing to know is that UAC is not a security boundary," he adds. "UAC helps people be more secure, but it is not a cure all. UAC helps most by being the prompt before software is installed. This part of UAC is in full force when the "Notify me only when…" setting is used.
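The "Notify me only when…" setting de Vaan refers to is one position of the Windows 7 UAC slider, and each position is backed by a handful of registry policy values. The script below is an added example, not code from de Vaan's post or from Microsoft: it reads those values and reports which slider level they correspond to and what the prompt actually covers at that level, which is the check an administrator wants when asking whether UAC has been quietly switched off on a machine. The registry path and value names are the documented UAC policy values; the mapping from value combinations to slider labels is taken from the Windows 7 UI and should be treated as an assumption, as should the `-Values` parameter, which exists only so the classification can be exercised against a constructed sample without touching the live registry.

```powershell
# Added example (not from the Engineering Windows 7 post or Microsoft):
# read the UAC policy values behind the Windows 7 UAC slider and classify them.
# Path and value names are the documented UAC policy locations; the mapping
# from value combinations to slider labels is assumed from the Windows 7 UI.

$UacPolicyPath = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

function Get-UacState {
    param(
        # Optional pre-read values (assumed parameter, for offline use), so the
        # classification can be run on a constructed sample instead of the
        # live registry.
        [hashtable]$Values
    )

    if (-not $Values) {
        $key = Get-ItemProperty -Path $UacPolicyPath
        $Values = @{
            EnableLUA                  = $key.EnableLUA
            ConsentPromptBehaviorAdmin = $key.ConsentPromptBehaviorAdmin
            PromptOnSecureDesktop      = $key.PromptOnSecureDesktop
        }
    }

    # Absent values fall back to the Windows 7 defaults: UAC on, prompt on the
    # secure desktop, prompt only for non-Windows binaries.
    $enableLua = if ($null -ne $Values.EnableLUA) { [int]$Values.EnableLUA } else { 1 }
    $admin     = if ($null -ne $Values.ConsentPromptBehaviorAdmin) { [int]$Values.ConsentPromptBehaviorAdmin } else { 5 }
    $secure    = if ($null -ne $Values.PromptOnSecureDesktop) { [int]$Values.PromptOnSecureDesktop } else { 1 }

    # ConsentPromptBehaviorAdmin: 0 = elevate without prompting,
    # 2 = prompt for consent on the secure desktop,
    # 5 = prompt for consent only for non-Windows binaries.
    if ($enableLua -eq 0) {
        $level = 'UAC disabled (EnableLUA=0)'
        $covers = 'Nothing: no elevation prompts at all'
    } elseif ($admin -eq 0) {
        $level = 'Never notify'
        $covers = 'Nothing: administrators elevate silently'
    } elseif ($admin -eq 2 -and $secure -eq 1) {
        $level = 'Always notify'
        $covers = 'Every elevation, including Windows binaries'
    } elseif ($admin -eq 5) {
        $suffix = if ($secure -eq 1) { ' (Windows 7 default)' } else { ' (do not dim my desktop)' }
        $level  = 'Notify me only when programs try to make changes' + $suffix
        # Windows binaries elevate without a prompt at this level, so the
        # prompt is a narrower barrier than at "Always notify".
        $covers = 'Non-Windows binaries only'
    } else {
        $level  = "Non-standard combination (ConsentPromptBehaviorAdmin=$admin, PromptOnSecureDesktop=$secure)"
        $covers = 'Review manually'
    }

    [pscustomobject]@{
        EnableLUA                  = $enableLua
        ConsentPromptBehaviorAdmin = $admin
        PromptOnSecureDesktop      = $secure
        SliderLevel                = $level
        PromptCovers               = $covers
    }
}

# Constructed samples: the Windows 7 default, and the state left behind once
# UAC has been switched off.
$default = @{ EnableLUA = 1; ConsentPromptBehaviorAdmin = 5; PromptOnSecureDesktop = 1 }
$off     = @{ EnableLUA = 0; ConsentPromptBehaviorAdmin = 0; PromptOnSecureDesktop = 0 }
Get-UacState -Values $default | Format-List
Get-UacState -Values $off     | Format-List

# On a live Windows host, read the real values (no elevation needed to read).
if ($IsWindows -or $env:OS -eq 'Windows_NT') { Get-UacState | Format-List }
```

Reading these values needs no elevation, so the check can run from a standard user session or a logon script. The useful signal is a change away from what the organisation set: a machine that reports `EnableLUA=0` or `ConsentPromptBehaviorAdmin=0` has had its prompts removed entirely, while the default level's "Non-Windows binaries only" line is the reminder that, as de Vaan says, the prompt is a notification and not a boundary.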
Responsive to feedback
"…So as you can see there is a lot of depth to the discussion of UAC and the improvements made in Windows 7 in UAC itself and in improving ways to prevent malware from ever reaching a PC. We are working hard to be responsive to the feedback we received from Vista to provide the right usability and security for people of all types.
"We believe we've made good progress and are listening carefully to the feedback on our UAC changes…While we cannot implement features the way each and every one of you might wish, we are listening and making a sincere effort to properly weigh all points of view.
"Our goal is to create a useful, useable, and secure Windows for all types of people."