Monthly Archives: May 2015

Microsoft patches AppCompat UAC bypass vulnerability

As an addendum to two previous posts, Microsoft recently issued an optional patch for Windows 7 Service Pack 1, Windows 8, and related Windows Server versions to address the User Account Control (UAC) bypass vulnerability that downloader and installer malware have been using for the past several months. Microsoft KB article 3045645, “Update to force a UAC prompt when a customized .sdb file is created in Windows,” was released last week as a part of a set of optional Windows updates and can be installed via Windows Update in the Control Panel or by manual download and … Read more