User Account Control (UAC)
User Account Control (UAC) is a technology and security infrastructure introduced with Microsoft's Windows Vista and Windows Server 2008 operating systems, with a more refined version also present in Windows 7 and Windows Server 2008 R2.
The UAC aims to improve the security of Microsoft Windows by limiting application software to standard user privileges until an administrator authorizes an increase or elevation.
In this way, only applications trusted by the user may receive administrative privileges, and malware should be kept from compromising the operating system.
User Account Control (UAC) History
Differentiation of a superuser and userland has been common in mainframes and servers for decades. This had an obvious security component, but also an administrative component, in that it prevented users from accidentally changing system settings.
MS DOS, Windows 9x/ME
Microsoft home operating systems (such as MS-DOS, Windows 95, Windows 98 and Windows Me) did not have a concept of different user accounts on the same machine, and all actions were performed as super user.
Windows NT, XP
Windows NT and XP introduced multiple user accounts, but in practice most users continued to operate as super user administrator for their normal operations. Further, many applications tend to assume that the user is super user, and will simply not work if he or she is not.
Windows Vista
Subsequent versions of Windows and Microsoft applications have encouraged the use of non-administrator user logins, but the uptake has been slow. User Account Control is a stronger approach to do this introduced in Vista. But it is difficult to introduce new security features without breaking existing applications.
When logging into Vista as a standard user, a logon session is created and a token containing only the most basic privileges is assigned. In this way, the new logon session is incapable of making changes that would affect the entire system.
Windows 7
In Windows 7, Microsoft updated UAC in several ways. By default, UAC does not prompt when certain programs included with Windows make changes requiring elevated permissions. Other programs still trigger a UAC prompt. The strictness of UAC can be changed to either always prompt, or to never do so.
Tasks that Trigger a UAC Prompt
Tasks that require administrator privileges will trigger a UAC prompt (if UAC is enabled); they are typically marked by a 4-color security shield symbol. In the case of executable files, the icon will have a security shield overlay. Ed Bott's Windows Vista Inside Out lists the following tasks which require administrator privileges:
- Changes to system-wide settings
- Installing and uninstalling applications or device drivers
- Installing ActiveX controls
- Changing settings for Windows Firewall, or UAC
- Configuring Windows Update
- Adding, removing, or changing user accounts
- Configuring Parental Controls
- Running Task Scheduler
- Restoring backed-up system files
- Viewing or changing another user's folders and files
- Running Disk Defragmenter
Common tasks, such as changing the time zone, do not require administrator privileges. A number of tasks that required administrator privileges in earlier versions of Windows, such as installing critical Windows updates, no longer do so in Vista.
Any program can be run as administrator by right-clicking its icon and clicking "Run as administrator".
Most popular articles
- Which Processor is Better: Intel or AMD? - Explained
- How to Prevent Ransomware in 2018 - 10 Steps
- 5 Best Anti Ransomware Software Free
- How to Fix: Computer / Network Infected with Ransomware (10 Steps)
- How to Fix: Your Computer is Infected, Call This Number (Scam)
- Scammed by Informatico Experts? Here's What to Do
- Scammed by Smart PC Experts? Here's What to Do
- Scammed by Right PC Experts? Here's What to Do
- Scammed by PC / Web Network Experts? Here's What to Do
- How to Fix: Windows Update Won't Update
- Explained: Do I need a VPN? Are VPNs Safe for Online Banking?
- Explained: VPN vs Proxy; What's the Difference?
- Explained: Difference Between VPN Server and VPN (Service)
- Forgot Password? How to: Reset Any Password: Windows Vista, 7, 8, 10
- How to: Use a Firewall to Block Full Screen Ads on Android
- Explained: Absolute Best way to Limit Data on Android
- Explained: Difference Between Dark Web, Deep Net, Darknet and More
- Explained: If I Reset Windows 10 will it Remove Malware?
My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 20 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).
We are BBB Accredited
We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.