Posted on Monday, May 21 2007 @ 0:10 CEST by Thomas De Maesschalck
A security researcher found an exploit for the Windows Vista User Account Control which could be used to infect PCs with trojans:
Paveza said in the paper that the vulnerability uses a two-part attack vector against a default Vista installation. The first step requires that malware called a proxy infection tool be downloaded and run without elevation. That software can behave as the victim expects it to while it sets up a second malicious payload in the background.
"For instance, if users believe they are downloading a 'Pac-Man' clone, such a game could be run while the malicious software did its work in the background," Paveza said. He noted that the infection succeeds, for all intents and purposes, with the installation of the proxy infection tool.
"This pattern of infection follows the typical Trojan horse model, piggybacking on what may be otherwise legitimate software," he said.
Source:
eWeek.
