Microsoft fixes Windows 7 UAC exploit code in post-beta builds

After the proof-of-concept code that subverts an important security feature of Windows 7 UAC (download) gain momentus, a problem Microsoft knew about was not addressed. Now, Microsoft said it had addressed the issue in post-beta builds that have not yet been released to the public. …we are going to deliver two changes to the Release Candidate that we’ll all see. […]

After the proof-of-concept code that subverts an important security feature of Windows 7 UAC (download) gain momentus, a problem Microsoft knew about was not addressed. Now, Microsoft said it had addressed the issue in post-beta builds that have not yet been released to the public.

…we are going to deliver two changes to the Release Candidate that we’ll all see. First, the UAC control panel will run in a high integrity process, which requires elevation. That was already in the works before this discussion and doing this prevents all the mechanics around SendKeys and the like from working. Second, changing the level of the UAC will also prompt for confirmation, explain Jon over at IE7 blog.