Windows Vista - User Account Control
This document explains the User Account Control feature that is new with Windows Vista.
User Account Control allows users to run Windows with standard user privileges and decreases the number of tasks and applications that require administrator privileges. Running as a standard user, while it cannot eliminate malware threats, does reduce the risk that a piece of software will be able to make system-wide changes without the user's knowledge.
Standard user accounts under Windows Vista are able to perform a number of common tasks that they could not with previous versions of Windows:
- Install critical Windows Updates
- View the system clock and calendar
- Change the time zone
- Change power management settings
- Add printers (as long as the necessary drivers are pre-installed on the computer or allowed by an IT admin via Group Policy)
- Create and configure Virtual Private Network (VPN) connections
- Install Wired Equivalent Privacy (WEP) to connect to secure wireless networks
Of course, there are still some tasks that need Administrator-level access. Microsoft identifies these with a small shield icon. In the following screenshot, the Add Hardware and Device Manager control panels require administrator access, while Default Programs and Administrative Tools do not (note that all the actual tools under the Admin Tools control panel would need admin access to run).
When standard users attempt to access a task that requires administrator-level access, they will be prompted to enter an administrator password. Microsoft calls this Over-the-Shoulder (OTS) Credentials, as the password could easily be typed in by someone leaning over the user's shoulder.
User Account Control even has a mode designed to help keep administrator-level accounts protected while they are doing non-administrative activities--Admin Approval Mode. This feature allows administrators to perform normal day-to-day tasks such as checking e-mail or browsing the Web while running with a standard user token. If administrator privileges are needed for an operation, the administrator will be notified and asked to provide either consent or credentials, depending on system policy settings.
In either OTS or Admin Approval Mode, users will notice that Vista darkens or grays out the screen when the User Account Control prompt is up. This is called Secure Desktop mode; it helps prevent users from unknowingly allowing escalated privileges by restricting user interface interaction to the UAC prompt. Other applications are blocked and must wait for the user to finish dealing with UAC.
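The policy settings behind Admin Approval Mode and Secure Desktop can be checked from PowerShell. The following is an added example, not part of the original article or Microsoft's documentation: it assumes the standard UAC registry values under HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System, the function names Get-UacPolicy and Test-UacPolicy are hypothetical, and the sample values are constructed.

```powershell
# Added example. UAC policy values are stored under this key.
$UacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$UacValues = 'EnableLUA', 'ConsentPromptBehaviorAdmin', 'PromptOnSecureDesktop'

function Get-UacPolicy {
    # Read the live values into a hashtable; values that are not set are left out.
    $props = Get-ItemProperty -Path $UacKey
    $policy = @{}
    foreach ($name in $UacValues) {
        if ($props.PSObject.Properties[$name]) { $policy[$name] = $props.$name }
    }
    $policy
}

function Test-UacPolicy {
    # Return one finding per setting that weakens the protections described above.
    # Only explicit 0 values are flagged; a value that is not set is not judged.
    param([Parameter(Mandatory = $true)][hashtable]$Policy)

    $findings = @()
    if ($Policy['EnableLUA'] -eq 0) {
        $findings += 'EnableLUA=0: Admin Approval Mode is off; administrators run with a full token.'
    }
    if ($Policy['ConsentPromptBehaviorAdmin'] -eq 0) {
        $findings += 'ConsentPromptBehaviorAdmin=0: administrators elevate without consent or credentials.'
    }
    if ($Policy['PromptOnSecureDesktop'] -eq 0) {
        $findings += 'PromptOnSecureDesktop=0: the prompt is shown on the normal desktop, not the Secure Desktop.'
    }
    $findings
}

# Constructed sample of a weakened configuration (not captured from a real host).
$sample = @{
    EnableLUA                  = 1
    ConsentPromptBehaviorAdmin = 0
    PromptOnSecureDesktop      = 0
}
Test-UacPolicy -Policy $sample

# On a live Windows host, audit the actual policy instead:
# Test-UacPolicy -Policy (Get-UacPolicy)
```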
For more in-depth information on User Account Control, see this Microsoft TechNet article: Understanding and Configuring User Account Control in Windows Vista