The attack has to be tailored to the process the user starts. The researchers have created two examples for Windows processes, a command line tool and software that edits the registry, but according to the researchers also other processes can be abused.
This is why you password protect the Admin account on Windows Vista, 7, 8/8.1 and make a Standard User account and use that so you will avoid all this pitfall. This will more or less top malware installation and stop registration editing if they aren’t Admin user. This is something Windows user should know by now and if not then they deserve to get hit by the malware infection…
Users can defend themselves by properly inspecting the UAC warning and by clicking on more information to see for what permission is asked.
They don’t need advance knowledge …
- Make Admin account password protected this will prevent authorized install without the password to confirm
- Make Standard user account that way if something wants to install it will require the Admin Password to install and that will block it.
It not that hard…IT have been telling computers user already DON’T use the ADMIN as your primary account or else you will get malware and this seems to fall on death ears. Even my families laptop I make two acccounts the ADMIN password protected and the Standard user-this way no installs or update can happen unless the ADMIN knows what it is.