Yesterday I wrote about Joanna Rutkowska’s work that highlighted a serious security flaw in Windows Vista. Her finding was that in Vista, many applications require that they be installed with administrator privileges, and that during the install process users are given two options: 1) install with elevated privileges, or 2) don’t install the application at all.
Yesterday’s post was sloppy, however. It came to the conclusion that Microsoft made a security design error in implementing this system. The truth of the matter is that there is a serious security problem with respect to Vista, but that problem is not due to a recent decision by Microsoft.
Microsoft had no other choice, really. The alternative is telling people that their old programs are insecurely written and can’t be used. That wouldn’t go over well. Unfortunately, allowing the applications to go in as administrator creates a major problem for Microsoft: it trains the users to say yes when an application asks to be installed with elevated privileges.
But it’s not a Vista problem, really. It’s going to hurt Vista, but the real problem is that of legacy support. It’s ironic, really. All this work to make Vista more secure and it’s going to be largely undermined by how lax they were in the past.