Windows DevCenter    
 Published on Windows DevCenter (http://www.windowsdevcenter.com/)


Understanding Windows Vista's User Account Control

by William Stanek, Paul Marquardt
02/06/2007

User Account Control (UAC) is a collection of features designed to improve your computer's security and better protect it from malicious programs. UAC fundamentally changes the way Windows Vista works.

User Accounts and Permissions

Windows Vista has two general types of user accounts:

Standard users can perform any general computing tasks, such as starting programs, opening documents, and creating folders, and any support tasks that do not affect other users or the security of the computer. Administrators, on the other hand, have complete access to the computer and can make changes that affect other users and the security of the computer.

Unlike earlier releases of Windows, Windows Vista makes it easy to determine which tasks standard users can perform and which tasks administrators can perform. You may have noticed the multicolored shield icon, shown in Figure 1, next to certain options in Windows Vista's windows, wizards, and dialog boxes. This is the Permissions icon. It indicates that the related option requires administrator permissions in order to run.

Figure 1. Tasks with this icon require administrator permissions

Permission and Consent Prompting

In Windows Vista, regardless of whether you are logged on as a standard user or an administrator, you see a User Account Control (UAC) prompt whenever you attempt to perform a task that requires administrator permissions. The way the prompt works depends on whether you are logged on with a standard user account or an administrator account. If you are logged on with a standard user account, you are prompted to provide administrator credentials as shown in Figure 2. At home (left), the prompt lists each local computer administrator account by name. To proceed, you must click an account, type the account's password, and then click OK. At the office (right), the prompt shows the logon domain and provides username and password boxes. To proceed, you must enter the name of an administrator account, type the account's password, and then click OK.

Figure 2. Provide the required credentials

If you are logged on with an administrator account, you are prompted for consent to continue as shown in Figure 3. The consent prompt works the same whether you are at home or at the office.

Figure 3. Provide consent to continue

Elevation and the Secure Desktop

Elevation is the process of getting a user's approval before running an application in administrator mode and before performing actions that change system-wide settings. Elevation enhances security by reducing the exposure and attack surface of the operating system. It does this by notifying you when you are about to perform an action that could impact system settings, such as installing an application, and by removing the ability of malicious programs to invoke administrator privileges without your knowledge and consent.

Prior to elevation and display of the User Account Control (UAC) prompt, Windows Vista does several things in the background. The key thing you should know about is that Windows Vista switches to a secure, isolated desktop prior to displaying the prompt. The purpose of switching to the secure desktop is to prevent other processes or applications from providing the required permissions or consent. All other running programs and processes continue to run on the interactive user desktop--it is only the prompt itself that runs on the secure desktop.

Elevation, permission/consent prompts, and the secure desktop are the key aspects of User Account Control that affect you the most. As you can see, they have a measurable impact on the way Windows Vista works. Due to these UAC features:

While these features have a far-reaching impact on the way you use Windows Vista, they enhance security and provide better protection for your computer from malicious programs. If you use these features as they are intended to be used, your computer will be protected from many types of malicious programs.

Turning User Account Control On or Off

To your own detriment, and I mean that quite literally, you can disable User Account Control and all its related features on a per-account basis. Rather than completely disabling UAC, you can enable or disable individual features through policy settings. These policy settings are found under Security Settings\Local Policies\Security Options.

At home, you can turn User Account Control on or off for your account by following these steps:

  1. Click Start and then click Control Panel.
  2. In Control Panel, click the User Accounts heading and then click User Accounts again.
  3. On the User Accounts page, click Turn User Account Control On Or Off.
  4. When you click Turn User Account Control On Or Off, you are prompted for permissions or consent as discussed previously. Because this is an inherent part of the user interface and a feature that can be enabled or disabled, I do not mention the prompt each time it is displayed. Rather, I assume that you will provide the permissions or consent as required.
  5. To disable User Account Control, clear the Use User Account Control checkbox. To enable User Account Control, select the Use User Account Control checkbox. Click OK.
  6. When prompted, click Restart Now or Restart Later as appropriate. You will need to restart your computer for this change to take effect.

At the office, you cannot turn User Account Control on or off using this technique. While you may be able to configure individual UAC features through policy settings, these features will more than likely be set so that they cannot be configured.
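
To see how a computer is actually configured, the following PowerShell script (an added example, not part of the original article) reads the registry values behind three of the User Account Control policies under Security Options and flags any that switch a protection off. The registry path and value names do not appear in the article; they are the standard Windows locations for these policies, and the function name `Get-UacAudit` is made up for this example.

```powershell
# Added example: read-only audit of the registry values behind three UAC
# policies found under Security Settings\Local Policies\Security Options.
# Nothing is changed, and reading this key does not require elevation.
$UacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

# For each of these values, a setting of 0 switches the protection off.
$UacChecks = @(
    @{ Value  = 'EnableLUA'
       Policy = 'Run all administrators in Admin Approval Mode'
       IfZero = 'User Account Control is turned off' },
    @{ Value  = 'PromptOnSecureDesktop'
       Policy = 'Switch to the secure desktop when prompting for elevation'
       IfZero = 'the prompt is shown on the interactive user desktop' },
    @{ Value  = 'ConsentPromptBehaviorAdmin'
       Policy = 'Behavior of the elevation prompt for administrators in Admin Approval Mode'
       IfZero = 'administrators are elevated without a prompt' }
)

# Get-UacAudit is a hypothetical helper name used only in this example.
function Get-UacAudit {
    param([string]$Path = $UacKey)

    # A missing key or value is reported rather than treated as an error.
    $props = Get-ItemProperty -Path $Path -ErrorAction SilentlyContinue

    foreach ($check in $UacChecks) {
        $data = $null
        if ($props) { $data = $props.($check.Value) }

        if ($null -eq $data)  { $status = 'NOT SET (no explicit value in the registry)' }
        elseif ($data -eq 0)  { $status = 'WEAK: ' + $check.IfZero }
        else                  { $status = 'OK' }

        New-Object PSObject -Property @{
            Policy = $check.Policy
            Value  = $check.Value
            Data   = $data
            Status = $status
        } | Select-Object Value, Data, Status, Policy
    }
}

Get-UacAudit | Format-List
```

Any line reported as WEAK corresponds to a feature described above (the prompt itself or the secure desktop) that has been disabled on that computer.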

William Stanek has over 20 years of hands-on experience with advanced programming and development. He has written nearly 100 books.

Paul Marquardt currently works as a network operating systems analyst for Dell. He specializes in highly available solutions, server/desktop deployment, and core Windows components.



Copyright © 2009 O'Reilly Media, Inc.