Windows Vista

What is UAC in Windows Vista?

What is User Account Control (UAC)?

When Windows launched Vista in 2008, it brought a large list of improvements over previous versions. One of the largest selling points for Vista was the increased security that it offered, and one of the central aspects of this increased security is UAC. But exactly what is UAC? Windows Vista has the built-in ability to automatically reduce the potential for security breaches in the system. It does that by automatically enabling a feature called User Account Control (UAC). UAC forces users who are members of the local administrators group to run as if they were regular users with no administrative privileges.

Whenever a user that is a member of the local administrators group (or even a member of the Domain Admins group if the computer is part of an Active Directory domain) tries to perform a task that requires administrative privileges, the operating system halts the operation and prompts the user to acknowledge it prior to running the task.

[Screenshot: items marked with the shield icon]

Note the little shield icon next to some of the items in the above screenshot. These items, if clicked upon, will invoke the UAC prompt, and the following message is displayed:


[Screenshot: the UAC prompt]

If the user is not a member of the local administrators group and tries to perform a task that requires such privileges, they are prompted to enter the valid credentials of an administrator (similar to the Run As command in existing Windows XP/2003):

[Screenshot: the UAC prompt asking for administrator credentials]

Although UAC clearly improves the security of Windows Vista, under some scenarios you might want to disable it, for example when giving demos in front of an audience (demos that are not security related, for example). Some home users might be tempted to disable UAC because of the additional mouse clicking it brings into their system. However, I urge them not to do so immediately and to try to get used to it instead.

In order to disable UAC please read the following article: Disable User Account Control in Windows Vista.
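To confirm how UAC is actually configured on a machine (for example, that it was switched back on after a demo), the following added example, which is not part of the original article, reads the UAC policy values and reports which of the prompts described above applies. The registry value names and their meanings are the standard Windows policy settings, not something taken from the article.

```powershell
# Added example: audit the UAC configuration of the local machine (read-only).
# Assumption: the standard UAC policy values under the key below.
$key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

function Get-UacValue([string]$Name) {
    # Return $null when the value is absent, so "not set" is never read as 0.
    $item = Get-ItemProperty -Path $key -Name $Name -ErrorAction SilentlyContinue
    if ($item) { $item.$Name } else { $null }
}

function Resolve-Prompt($Map, $Value) {
    if ($null -eq $Value) { return 'not set (Windows default applies)' }
    if ($Map.ContainsKey($Value)) { return $Map[$Value] }
    "unrecognised value $Value"
}

# Prompt shown to members of the local administrators group.
$adminPrompt = @{
    0 = 'elevate without prompting'
    1 = 'prompt for credentials on the secure desktop'
    2 = 'prompt for consent on the secure desktop'
    3 = 'prompt for credentials'
    4 = 'prompt for consent'
    5 = 'prompt for consent for non-Windows binaries (Windows 7 and later)'
}
# Prompt shown to users who are not administrators.
$userPrompt = @{
    0 = 'automatically deny elevation requests'
    1 = 'prompt for credentials on the secure desktop'
    3 = 'prompt for credentials'
}

$enableLua = Get-UacValue 'EnableLUA'
$admin     = Get-UacValue 'ConsentPromptBehaviorAdmin'
$secure    = Get-UacValue 'PromptOnSecureDesktop'

# Is this PowerShell session itself running with the full administrator token?
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
$elevated  = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)

"UAC enabled (EnableLUA)  : $(if ($null -eq $enableLua) { 'not set' } else { $enableLua -eq 1 })"
"Administrator behaviour  : $(Resolve-Prompt $adminPrompt $admin)"
"Standard user behaviour  : $(Resolve-Prompt $userPrompt (Get-UacValue 'ConsentPromptBehaviorUser'))"
"Session is elevated      : $elevated"

# Settings that weaken the protection described in the article.
if ($enableLua -eq 0) { Write-Warning 'UAC is disabled: administrators always run with full privileges.' }
if ($admin -eq 0)     { Write-Warning 'Administrators elevate silently, with no prompt to acknowledge.' }
if ($secure -eq 0)    { Write-Warning 'Prompts are shown on the normal desktop, not the secure desktop.' }
```

Run from a normal (non-elevated) prompt, an administrator account should report `Session is elevated : False` while UAC is on, which is the "run like regular users" behaviour described above.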

Summary

In this article I went over some of the history behind UAC and how it works. Hopefully this brief article makes it clear what UAC is.
