Serious Discussion What is UAC?

After reading this article, do you think UAC is useful or not , and will you enable it or not?


  • Total voters
    55
D

Deleted member 178

Thread author
Standard user accounts provide for better security and lower total cost of ownership in both home and corporate environments. When users run with standard user rights instead of administrative rights, the security configuration of the system, including antivirus and firewall, is protected. This provides users a secure area that can protect their account and the rest of the system. For enterprise deployments, the policies set by desktop IT managers cannot be overridden, and on a shared family computer, different user accounts are protected from changes made by other accounts.
However, Windows has had a long history of users running with administrative rights. As a result, software has often been developed to run in administrative accounts and take dependencies, often unintentionally, on administrative rights. To both enable more software to run with standard user rights and to help developers write applications that run correctly with standard user rights, Windows Vista introduced User Account Control (UAC). UAC is a collection of technologies that include file system and registry virtualization, the Protected Administrator (PA) account, UAC elevation prompts, and Windows Integrity levels that support these goals. I've talked about these in detail in my conference presentations and TechNet MagazineUAC internals article.
Windows 7 carries forward UAC's goals with the underlying technologies relatively unchanged. However, it does introduce two new modes that UAC's PA account can operate with and an auto-elevation mechanism for some built-in Windows components. In this post, I'll cover the motivations behind UAC's technologies, revisit the relationship between UAC and security, describe the two new modes, and explain how exactly auto-elevation works. Note that the information in this post reflects the behavior of the Windows 7 release candidate, which is different in several ways from the beta.

Full article here with detailed and technical explanation:

User Account Control: Inside Windows 7 User Account Control

Read it , it is worthy.

Another Article but simpler:

UAC enhances security by allowing you to use standard-user wrights while providing an easy method for elevating to administrator if such elevation is needed. There is no need to switch user, log-off or use the Run as administrator command.

Important: UAC is intended to help people be more secure, but it can’t ensure security on its own.

User Account Control (UAC) Guide Windows 7

Why UAC should be taken seriously
 
Last edited by a moderator:

Duotone

Level 10
Verified
Well-known
Mar 17, 2016
457
D

Deleted member 178

Thread author
But due to those minor inconvenience that's why others tend to turn it off, in my case I don't really want it off just believed what was stated here TweakUAC for Windows Vista that it still works while in Quiet mode.

from the article said:
However, if you use an anti-virus program, have the firewall enabled, and keep your Windows updated regularly, then UAC popups become more of a nuisance without adding much security. Any malware should be stopped by the anti-virus and firewall. If it’s reached the point of asking you to confirm its execution, it’s already too late!

i like the "should"... :rolleyes:

We all know here that AVs won't detect everything.

Question: How can I setup certain software to have high privileges on start-up?! ex: Shiela USB shield

No idea, and it won't be a good move.
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Unfortunately many users should be educated and aware the overall powerful of UAC and because of its too technical on description hence they take it for granted. Indeed Microsoft did not make UAC as unnecessary from the first place but rather to prevent against untoward execution of programs.
 

Duotone

Level 10
Verified
Well-known
Mar 17, 2016
457
Finally manage to control the behavior of UAC on a certain software w/ Microsoft compatibility tool.
 
A

above

Thread author
I didn't vote because I don't consider it useless , but I'm using something I consider a better alternative. I haven't used VoodooShield for ages but it used to disable UAC on install, so it isn't do or die to everybody.
 
D

Deleted member 178

Thread author
I didn't vote because I don't consider it useless , but I'm using something I consider a better alternative. I haven't used VoodooShield for ages but it used to disable UAC on install, so it isn't do or die to everybody.

VS used to disabled it, i heard that now you have the choice. Anyway no softwares should be allow to disable UAC, whatever the reason, because no 3rd party softwares works at kernel level .
 
  • Like
Reactions: Rishi
A

Alkajak

Thread author
I used to proudly disable UAC. Ever accidentally downloaded a malware file and hit enter/space bar/double click instead of single click? Don't get screwed over.
 
  • Like
Reactions: frogboy and upnorth

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top