Second Exploit Surfaces for Windows 7 UAC
I wrote earlier about a "hole" in Windows 7's new User Account Control (UAC) behavior which would allow malware to disable UAC without user notification. On Wednesday a new flaw was exposed, one in which malware could easily "elevate" themselves to full administrative privileges without UAC prompts or turning UAC off.