Guide | How To Why You Should Not Turn off UAC

The associated guide may contain user-generated or external content.

nsm0220

Level 21
Verified
Sep 9, 2013
1,054
The benefits of UAC far outweigh any inconveniences

UAC is native Windows security dependent upon one's point of view

The morass of ongoing confusion about UAC is Microsoft's fault; they have stated both "It is a security boundary" and "It is not a security boundary"

Whatever UAC's intent, it's pretty common sense as to its net affect for anyone who pays attention to it

The only ones that seem to vociferously complain about UAC are those users that are constantly doing stuff on their systems that require elevated privileges

Typical users have no idea what UAC is - let alone its benefits
Well programs like Shadow Defender come into play to fill the holes made by Microsoft when they made UAC.
 
  • Like
Reactions: ForgottenSeer 55474

ravi prakash saini

Level 13
Verified
Top Poster
Well-known
Apr 22, 2015
636
one should think why Microsoft introduced it "to irritate the user ".does any company will do this. I would like to see Windows with UAC at maximum setting by default and no option to change it
 
Last edited:
  • Like
Reactions: frogboy and enaph

Handsome Recluse

Level 23
Verified
Top Poster
Well-known
Nov 17, 2016
1,242
UAC is a layer security. Beginners / Novice user who turn-it off should not. It will protect you :)
Requiring user input doesn't bode well for them though. Psychology is still a factor.
one should think why Microsoft introduced it "to irritate the user ".does any company will do this. I would like to see Windows with UAC at maximum setting by default and no option to change it
They wouldn't know unless they try. 'Tis why big data is big. They also tried that on Vista.
 
D

Deleted member 178

A 100%, Always turn on UAC, Very Important!!!! If you turn it off and accidently download malware and run, it will run automatically without needing permission and infect the system. If you turn off UAC, You have basically allowing your system to die LOL
I have to correct you on UAC ; UAC is not made to block infections at all , it was made to block elevation of processes (which is a classic pattern of most malware), however if a malware doesn't need elevation, UAC won't react and you will be still infected.
 

Hadden

Level 2
Verified
Oct 18, 2015
97
Yes, but I'd say at least a 60% of people click yes every time UAC appears, so having or not it's quite pointless in that case :3
Personally I'm not a lover of UAC (even If I understand it's purpose).
I open registry. Prompt. I open windows folder. Prompt. I install a program. Prompt. I copy files. Prompt.
It's a bit annoying. The only time I don't do one of these, uh oh, I allowed UAC.
I prefer to scan before install something or check in other ways before doing some strange changes.
Of course, I don't change other people UAC, but I can assure most of them click allow every single time it shows.
 
Last edited:

TairikuOkami

Level 35
Verified
Top Poster
Content Creator
Well-known
May 13, 2017
2,452
Always Notify. Sometimes I do not see UAC prompt for days, just using a browser, radio, steam games and etc.


I think the non-maximum UAC should be separate because some people argue that non-max UAC is not a boundary since there are ways to bypass them.
Most of these bypasses DO NOT work, when UAC is set to Always Notify. Like auto-elevate feature.

User Account Control: Inside Windows 7 User Account Control

This particular technique can be remediated or fixed by setting the UAC level to “Always Notify”
“Fileless” UAC Bypass Using eventvwr.exe and Registry Hijacking

UAC bypass typically uses WSH and powershell. Disable those and you are better off, but still not 100% of course.
 
  • Like
Reactions: ForgottenSeer 55474
F

ForgottenSeer 58943

Yes, but I'd say at least a 60% of people click yes every time UAC appears, so having or not it's quite pointless in that case :3

Speaking as an MSP with thousands of endpoints, I'd say 90% click YES each time the UAC pops. The UAC isn't really important in this case, it's importance is in other aspects of running a domain controller and group policies on a business network.
 

gorblimey

Level 2
Verified
Aug 30, 2017
99
Permanently set on MAX. I always work in a User Acct, and ALL installs are from Admin. So no real problems with UAC. I also use SuRun, so when I do need UAC I can do it to my own account, and not run the risk of screwing something in the Admin account.

If you want security you do it properly.
 
D

Deleted member 178

I use the security level 1 (do not dim), it's faster and still does its job.
Nothing unless "at Max" is safe with UAC, users have to decide between convenience or security, but most of all:.
1- Use SUA instead of Admin account so some apps won't ask for elevation all the time.
2- Don't use apps requiring elevation 30 times a day, unless your job requires it. If the case, get used to UAC's prompts.

I use SUA + UAC at Max and i enforce password/PIN prompts in alll accounts even admin one; i have elevation requests maximum one or two times a day, because i dont spend my time using tools doing admin tasks.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top