2. The Role of UAC
An in-depth look at User Account Control in Windows 7
Windows 7 UAC and Malware
The main role of the UAC is to tell an ordinary user when a task needs the elevated rights of the Protected Administrator account. Remember that the Windows UAC does not detect malware; for that, you need some sort of anti-virus software. Also, it's unreasonable to expect the UAC to prevent malware getting into your system, for that you need 'Windows Defender' or a similar utility.
I am trying to take a balanced view here, and the argument for turning off the UAC focuses on evidence that determined software writers can bypass the UAC. There have been a number of public demonstrations of code-injection, whereby processes can run without triggering the UAC. You can prevent this silent elevation of rights by setting the slider above to Always Notify, this is the old Vista setting.
Thus it seems that either you worry about when a program needs elevated privileges in which case you move the UAC slide down, or you don't care and move the slider to Never Notify. A consensus is emerging that say the default central positions are useless.
Microsoft's Goal for Windows 7 UAC
Microsoft's goal is still to encourage people to logon as standard users and not with the administrator account. To achieve this goal Windows 7 enables standard users to perform operations that previously required administrative rights. As a result, even the default Windows 7 UAC mode reduces the number of prompts and thus makes the administration experience smoother.
Where the Protected Administrator (PA) credentials are required, the UAC appears to remind the user of the importance of the change they are about to make. When the UAC does kick-in it's because you selects a setting that wants to modify the file system, the registry, or call upon the Protected Administrator (PA) account. Talking of the registry, it's the HKEY_LOCAL_MACHINE (HKLM) part that's a security threat, therefore applications should use the HKEY_CURRENT_USER\Software section of the registry.
Summary of the UAC in Windows 7
I find that knowledge of what the UAC is trying to do makes me more forgiving when it does appear. Also understand the goals behind the UAC makes me appreciate the improvements between Vista and Windows 7. The UAC seems smarter in Windows 7, as it only appears when a named program requires elevated rights. Also the Control Panel provides an easy way to adjust the UAC behavior.
Guy recommends: Orion NPM (Network Performance Monitor) 9.5
Orion NPM is designed for detecting network outages. It guides you through troubleshooting by indicating whether the root cause is a broken link, faulty equipment or resource overload. Because it produces network-centric views, it is intuitive to navigate, and as result you can see easily what's working and what's not.
Perhaps Orion's best feature is the way it suggests solutions. Moreover, if problems arise out of the blue, then you can configure Orion NPM 9.5 to notify members of your team what's changed and how to fix it.
If you are interested in testing a professional performance monitor on your network, then I recommend that you take advantage of Solarwinds' offer of a download a free trial of Orion NPM 9.5.
- 1. Review of the UAC in Windows Version 7
- 2. The Role of UAC
Perhaps Orion's best feature is the way it suggests solutions. Moreover, if problems arise out of the blue, then you can configure Orion NPM 9.5 to notify members of your team what's changed and how to fix it.
If you are interested in testing a professional performance monitor on your network, then I recommend that you take advantage of Solarwinds' offer of a download a free trial of Orion NPM 9.5.
I don't think that should be there
Do you guys get to drink on the job? Every article is littered with errors...
UAC has always seemed pointless to me, but maybe that's because I have (not-so-)common sense. Just by actually looking at what I'm installing and realizing that a website can't be, "scanning my computer for viruses," I haven't been infected by a virus in years. Litterally. Years.
And my anti-virus has only popped up a few times - and only when I was wary of the file(s) to begin with. Heck, I could uninstall my AV and just use one of the well-known online file scanners (I don't think I'm allowed to say name).
99.9% of malware can be blocked with common sense.
"Guy recommends:"
You cannot even say it was an accident...
99.9% of malware can be blocked with common sense.
Don't stick your mouse pointer where you wouldn't stick your unmentionables. That bit of advise has kept my family clean for years.
I've been annoyed by the Windows 7 UAC for months now, and will turn it off once I get a full copy. There is no point whatsoever in asking me EVERY SINGLE TIME I open up CCleaner (and most other programs I use frequently) if I want to allow that program to make changes to my computer. If I've already said, "Yes", and the program hasn't changed, what is the point except to persistently annoy me, like that stupid paper clip used to in Word?
ZoneAlarm warns that a particular program is trying to access the internet, but only if the program has changed. Why can't Microsoft, with all its trillions of dollars of resources, figure out how to do this too?
Don't you guys just yearn for the days of Dr Thomas Pabst running this site with decent ground-breaking reveiews before these ad-centric piles of crappola became all the rage. Come back Dr Tom, all is forgiven.