Windows Vista - User Account Control

This document explains the User Account Control feature that is new with Windows Vista.

With Windows Vista, Microsoft is working to improve the overall security of their operating system. User Account Control is one part of that strategy. Under previous versions of Windows, the majority of user accounts were configured as a member of the local administrator's group, because administrator privileges were required to install, update, or run many software applications without conflicts, and to perform typical system-level tasks. Even the simplest operation, such as clicking the taskbar clock to view a calendar, required administrator privileges. Having a large number of computers with Administrator-level user accounts on the network aided malware and virus writers, as their programs could exploit system-level privileges to damage files, change system settings, and even send sensitive information back to the malware author.

User Account Control allows users to run Windows with standard user privileges and decrease the number of tasks and applications that require administrator privilege. Running as a standard user, while it cannot eliminate malware threats, does reduce the risk that a piece of software will be able to make system-wide changes without the user's knowledge.

Standard user accounts under Windows Vista are able to access a number of common tasks that they could not with previous version of Windows:

  • Install critical Windows Updates
  • View the system clock and calendar
  • Change the time zone
  • Change power management settings
  • Add printers (as long as the necessary drivers are pre-installed on the computer or allowed by an IT admin via Group Policy)
  • Create and configure Virtual Private Network (VPN) connections
  • Install Wired Equivalent Privacy (WEP) to connect to secure wireless networks

Of course, there are still some tasks that need Administrator-level access. Microsoft identifies these with a small shield icon. In the following screen-shot, the Add Hardware and Device Manager control panels require administrator access, while Default Programs and Administrative Tools do not (note that all the actual tools under the Admin Tools control panel would need admin access to run).

When standard users attempts to access a task that requires administrator-level access, they will be prompted to enter an administrator password. Microsoft calls this Over-the-Shoulder(OTS) Credentials, as the password could easily be typed in by someone leaning over the user's shoulder.

User Account Control even has a mode designed to help keep administrator-level accounts protected while they are doing non-administrative activities--Admin Approval Mode. This feature allows administrators to perform normal day-to-day tasks such as checking e-mail or browsing the Web while running with a standard user token. If administrator privileges are needed for an operation, the administrator will be notified and asked to provide either consent or credentials, depending on system policy settings.

In either OTS or Admin Approval Mode, users will notice that Vista darkens or grays out the screen when the User Account Control prompt is up. This is called Secure Desktop mode and helps prevent unknowingly allowing escalated privileges by only allowing the user interface to interact with the UAC prompt. Other applications are blocked and must wait for the user to finish dealing with UAC.

For more in-depth information on User Account Control, see this Microsoft Technet article: Understanding and Configuring User Account Control in Windows Vista

Keywords:windows vista user account control   Doc ID:5229
Owner:Xander Z.Group:DoIT Help Desk
Created:2007-01-02 19:00 CDTUpdated:2015-10-01 09:50 CDT
Sites:DoIT Help Desk
Feedback:  2   14