Disabling UAC

[tao muon]

Just because you've never been robbed doesn't mean you should leave your doors unlocked.

Gold... no...

PLATINUM!

[Dashel]

I think you best point isn't constrained to MS but all developers. Time and time again you see applications generating errors that it (and at worst their support staff) have never, ever, heard of.

As far as UAC, if you are 'security' minded leave it on and deal with the annoyances. If not, killing it, Defender, Firewall, and any preinstalled AV is your first course of action. Security and usability are usually conflicting forces. Here is a primer I found useful.

http://technet.microsoft.com/en-us/windows...a/aa906021.aspx

UAC is quite possibly the single best defense against unpatched/unidentified vulnerabilities and 0-day attacks.

Not that I disagree but can you give us a scenario of this? It may help illuminate the issue.

Edited July 17, 2007 by Dashel

[Mordkanin]

Not that I disagree but can you give us a scenario of this? It may help illuminate the issue.

If a vulnerability is discovered in virtually any piece of software, odds are that that software will never be running as an Admin, thanks to UAC. By not running as an Admin, the vulnerability will not be able to make any system-wide changes. The same goes for many windows components, for instance, Explorer.

[tnsply100]

That's just ridiculous. No firewall is ever going to prevent your software from being exploited by malicious content streams - for example, see the WMF vulnerability from a year or so ago. That's the kind of thing UAC protects against, not malware. UAC has nothing to do with malware (other than the fact that the vulnerabilities UAC protects against are occassionally used to distribute malware).

If person A never had a security problem with Windows XP, they should still leave UAC enabled on Vista. Just because you've never been robbed doesn't mean you should leave your doors unlocked.

UAC is quite possibly the single best defense against unpatched/unidentified vulnerabilities and 0-day attacks. Your virus scanner is going to be useless against such things, and a firewall doesn't even come into the picture.

I appreciate your insightful posts, and I know you work for MS. Would it be possible for them to have a 'UAC for dummies' walkthrough on their website? (Yes, I know the there are detailed articles already available.. but I'm talking about a 'dumbed down' walkthrough) I suggest answering common Myths like "clicking Yes every time essentially negates UAC', etc. I also suggest concrete examples of security vulnerabilities, and comparisons of what would happen with and without UAC.

Obviously, people here (and at other places) are incredibly misinformed as to what UAC actually does. People tend to think of themselves as power users - but in reality know absolutely nothing, or are gravely mistaken. I suppose this is the price MS pays for marketing their OS to the general populace - people who know nothing about computing, and infinitely worse - fools who *think* they know about their machines, but really don't.

[dr.bisho]

theres only 2 reasons why u should keep UAC on

1.- if you're a nerd

2.- if you're a n00b

if you aren't any of those just keep it off and be a regular user. my 2 cents.

lol....nice one agree...

just turn it off, but be carefull

[FATILA]

Ok, you insightful power users can turn it off. The rest of us will keep it on, and await the usual deluge of "Vista sucks" posts because someone doesn't rtfm.

[Mordkanin]

Ok, you insightful power users can turn it off. The rest of us will keep it on, and await the usual deluge of "Vista sucks" posts because someone doesn't rtfm.

Oh well. Let's leave the 'insightful power users' to their dramatically more vulnerable software.

People tend to think of themselves as power users - but in reality know absolutely nothing, or are gravely mistaken. I suppose this is the price MS pays for marketing their OS to the general populace - people who know nothing about computing, and infinitely worse - fools who *think* they know about their machines, but really don't.

[magik]

I heard that UAC, over time, learns from user's clicking 'Yes' when certain actions are performed repeatedly and in the future the prompt isn't even displayed and the 'Yes' is assumed (rightfully so). Is this true?

Edited July 18, 2007 by magik

[Tantawi]

^ No.

[Mordkanin]

I heard that UAC, over time, learns from user's clicking 'Yes' when certain actions are performed repeatedly and in the future the prompt isn't even displayed and the 'Yes' is assumed (rightfully so). Is this true?

No.

[freak_power]

No.

Microsoft could make it so remembers by creating encrypted list file.

[Lant]

The whole point is to catch something so a "remember this option" would be stupid. If for some reason explorer.exe is compromised (yes I know unlikely) and keeps asking for uac access while you were doing nothing with it (say browsing neowin) then you would click no thinking something is wrong. Run a virus scan and find you have a problem. But if you had set it to remember to always allow explorer.exe because of all those uac dialogues you had to go through when changing the start menu you wouldn't have noticed anything.

[Mordkanin]

Microsoft could make it so remembers by creating encrypted list file.

That's not necissarily a good thing. Giving any apps the ability to just be run as an Admin opens potential for vulnerability. What if an exploit is found in a certain app or windows component on this hypothetical "Always Run as Admin without a UAC prompt list"? Then you've got potential for privledge escalation via some lower privledge app launching the other app without a UAC prompt.

[Brandon Live Veteran]

Microsoft could make it so remembers by creating encrypted list file.

But we don't want to.

1) UAC encourages developers to write code that works for non-admins. This is a very good thing.

2) Creating an auto-consent list creates an obvious attack vector for EoP exploits.

3) If a malicious process can read the exemption list, it can wait for an elevated process to be run and potentially exploit some vulnerability in said process.

Heck, let's say you put "cmd.exe" on the list. Now all some evil program has to do is run "cmd /k MyEvilProcess.exe" and they're running elevated. Or they could just run any evil command like "cmd /k del ntldr".

[drumthrasher109]

Didn't know it would go this far...UAC to me is something that asks you to accept or cancel the opening of an admin-based app, like an installer or something so spyware doesn't automatically get installed.

[Brandon Live Veteran]

Didn't know it would go this far...UAC to me is something that asks you to accept or cancel the opening of an admin-based app, like an installer or something so spyware doesn't automatically get installed.

Yeah... as I said above, that's pretty much not what it's about at all (the whole point of UAC really is that you can run apps *without* admin privileges - that's where its power and usefulness comes from).

[Elliot B.]

NOTHING, IF and only IF, you're not a n00b and know how to keep you computer secure and don't visit/install crap sites/software, or let other users mess with your PC.

If you never got a spyware/crap on a Windows XP environment before, chances that you wont get on Vista too with UAC turned off.

+1

I've never had a virus or spyware in my life so now that I use Vista, I disabled UAC straight away. I have AVG and Defender installed just in case I somehow get a virus or spyware but the chances of that are slim.