Windows users are making themselves vulnerable to malware attacks by disabling User Access Control included in Windows 7 and Vista, Microsoft (NASDAQ: MSFT) warned. In a single day recently, the software maker found that UAC had been switched off on 23 percent of PCs infected with dangerous malware, reports John E. Dunn at TechWorld.

Increasingly, malware is "opening a new front and turning UAC off itself," Microsoft researcher Joe Faulhaber wrote in an Aug. 3 blog post. There are just three avenues to accomplish this: via either an exploit in a service with administrator privileges, a user being tricked into clicking "OK" on a prompt that lets the malware elevate access, or UAC having already been turned off.

Some very common threats, including the Sality virus group, Alureon rootkits and the Bancos Trojan, have variants that can turn off UAC, Faulhaber warned. A single worm, which Microsoft calls "Rorpian," takes particular advantage of this capability. On a recent day, more than 90 percent of the incidents involving Rorpian included a disabling of UAC.

If users can't be persuaded to leave UAC on, businesses can restrict Windows admin privileges and bypass UAC, Dunn suggests. 

For more:
- see John E. Dunn's post at Techworld

Related Articles:
Most Internet users are ignorant about online security
Microsoft winning the war against AutoRun malware
Low-level malware worries security professionals the most, says report