App Review Windows Defender Test-Windows 8(MalwareDoctor)

[MDTechVideos]

 

[DrBeenGolfing]

UAC would have caught most of that so called zero day stuff. Good review, Doc.

 

[MDTechVideos]

UAC would have caught most of that so called zero day stuff. Good review, Doc.

I agree UAC would have caught additional threats, but I view UAC as a double edged sword. On one hand, it allows the user to make a decision whether on not to allow an application to run, but on the other hand fails to provide any great detail as the publisher information is the main thing that determines if a file is either safe or unknown. At 13:40 a UAC prompt appeared, but with a "verified publisher" listed. For most computer users that would be all the information they need. MBAM detected it as a PUP while HitmanPro detected it as a piece of Adware. Though these infections would be considered less severe, it still falls in the category of malware. While I completely stand by utilizing UAC for balanced security, it would have changed the results of this test very little.

 

[DrBeenGolfing]

Yes, digitally signed is no indicator of safety, but anyone that installs spaghetti scripted urls/downloads is, to put this delicately, a couple of bricks short of a load. Kinda like the backhoe operator that goes digging without knowing where the gas pipeline is, and is surprised when he finds it---after blowing himself up.
May be time again for McLovin's primer on standard accounts:
http://www.youtube.com/watch?v=8VtvjZ1-TPI

 

[jamescv7]

Max UAC could really guaranteed of yellow notification since those samples are really in yellow and always operating the changes in the system.

So basically the default UAC is minimal but easily bypassed.