Microsoft Security Essentials lists Windows 7 UAC hack as malware

Leo Davidson released a proof-of-concept showcasing Windows 7 User Account Control feature flaw elevating a command prompt window using the whitelisted explorer.exe process. As of now, Microsoft has failed to fix the flaw, but they’re taking it a step further by blocking the exploit in Microsoft Security Essentials, as HackTool.Win32/Welevate.A and HackTool.Win64/Welevate.A (depending on architecture).  However, Leo noted that […]
Leo Davidson released a proof-of-concept showcasing Windows 7 User Account Control feature flaw elevating a command prompt window using the whitelisted explorer.exe process. As of now, Microsoft has failed to fix the flaw, but they’re taking it a step further by blocking the exploit in Microsoft Security Essentials, as HackTool.Win32/Welevate.A and HackTool.Win64/Welevate.A (depending on architecture).  However, Leo noted that Windows Defender in Vista did not detect this exploit, and Bryant confirmed that the same is true for Windows 7 (where the trick would actually work), so this seems to be exclusive to Microsoft Security Essentials.