| Not necessarily. [0] Also, it is actually quite trivial bypassing UAC prompt in Windows. It simply gives a false sense of security. Something as simple as SilentCleanup [1] still works to this day. This will bypass UAC with little effort. Even worse, following that, it is also trivial to get NT AUTHORITY\SYSTEM using Windows Management Instrumentation Event Subscription. [2] I've done it as an exercise in Go out of all languages and it ended up fully undetected both on disk and during runtime. So Windows simply provides a false sense of security. After all Microsoft themselves said [3]: One important thing to know is that UAC
is not a security boundary. UAC helps people
be more secure, but it is not a cure all.
UAC helps most by being the prompt before
software is installed.
[0] https://amonitoring.ru/article/steam_vuln_3/[1] https://enigma0x3.net/2016/07/22/bypassing-uac-on-windows-10... [2] https://attack.mitre.org/techniques/T1084/ [3] https://blogs.msdn.microsoft.com/e7/2009/02/05/update-on-uac... |