Learning To Love UAC

This forum is for tips, information and general news regarding Windows Vista.

Moderators: Admin Team, Moderators

User avatar
TeMerc
Site Admin
Site Admin
Posts: 15995
Joined: Fri Jan 28, 2005 5:16 pm
Area Of Expertise: Security
experience: I know the functions, OS settings, registry tweaks and more
PC time: What else is there in life?
Location: PHX, AZ
Contact:

Learning To Love UAC

Postby TeMerc » Wed Jun 04, 2008 9:57 am

By Larry Seltzer
2008-06-04

User Access Control in Windows Vista has been such a controversial development that it's worth re-examining periodically. Let's restate the purpose of UAC: It is to allow the user to run the system as a standard user, not administrator, and still have relatively easy access to privileged operations when they are necessary.

UAC (click here for Microsoft's expanded description of it) is more than that; even when running as administrators, users still run in a less-privileged context and are warned when privileged operations are being requested. The way Microsoft sees it, UAC also encompasses their efforts to make many operations, such as changing system time, available to standard users.

It's hard to deny the value of this. The overwhelming majority of malware currently is delivered through social engineering tricks, such as opening porn or a greeting card. These should not be privileged operations, and UAC is a way of taking a time-out and having the user make sure that a potentially dangerous operation is being performed deliberately and in an informed manner. The same is true of vulnerabilities, those of which get past other Vista defenses such as ASLR and service hardening, which should trigger UAC in a way that should alert the user. In fact, a recent test of anti-rootkit tools found that UAC popped up and warned as every rootkit in the test tried to execute.

nwz Continued @ eWeek
Image

Return to “Windows Vista”

Who is online

Users browsing this forum: No registered users and 1 guest