ANS: "What's the deal with UAC (Windows Needs Your Permission screens)" and "...But I thought I was

Discussion in 'Windows Vista Administration' started by Jimmy Brush, Jul 31, 2006.

  1. Jimmy Brush

    Jimmy Brush Guest

    Hello,

    I've noticed that a lot of the questions in these newsgroups are either
    directly or indirectly related to UAC (User Account Control). In this post,
    I will go over what UAC does, how it works, the reasoning behind it, how to
    use your computer with UAC on, why you shouldn't turn UAC off, and answer
    some common questions and respond to common complaints about it.


    * What is UAC and what does it do?

    UAC mode (also known as Admin Approval Mode) is a mode of operation that
    (primarily) affects the way administrator accounts work.

    When UAC is turned on (which it is by default), you must explicitly give
    permission to any program that wants to use "administrator" powers. Any
    program that tries to use admin powers without your permission will be
    denied access.


    * How does UAC work

    When UAC mode is enabled, every program that you run will be given only
    "standard user" access to the system, even when you are logged in as an
    administrator. There are only 2 ways that a program can be "elevated" to get
    full admin access to the system:

    - If it automatically asks you for permission when it starts up, and you
    click Continue
    - If you start the program with permission by right-clicking it, then
    clicking Run As Administrator

    A program either starts with STANDARD rights or, if you give permission,
    ADMINISTRATOR rights, and once the program is running it cannot change from
    one to the other.

    If a program that you have already started with admin powers starts another
    program, that program will automatically be given admin powers without
    needing your permission. For example, if you start Windows Explorer as
    administrator, and then double-click on a text file, notepad will open and
    display the contents of the text file. Since notepad was opened from the
    admin explorer window, notepad WILL ALSO automatically run WITH admin
    powers, and will not ask for permission.


    * What's the point of UAC?

    UAC is designed to put control of your computer back into your hands,
    instead of at the mercy of the programs running on your computer.

    When logged in as an administrator in Windows XP, any program that could
    somehow get itself started could take control of the entire computer without
    you even knowing about it.

    With UAC turned on, you must know about and authorize a program in order for
    it to gain admin access to the system, REGARDLESS of how the program got
    there or how it is started.

    This is important to all levels of users - from home users to enterprise
    administrators. Being alerted when any program tries to use admin powers and
    being able to unilaterally disallow a program from having such power is a
    VERY powerful ability. No longer is the security of the system tantamount to
    "crossing one's fingers and hoping for the best" - YOU now control your
    system.


    * How do I effectively use my computer with UAC turned on?

    It's easy. Just keep in mind that programs don't have admin access to your
    computer unless you give them permission. Microsoft programs that come with
    Windows Vista that need admin access will always ask for admin permissions
    when you start them. However, most other programs will not.

    This will change after Windows Vista is released - all Windows Vista-era
    programs that need admin power will always ask you for it. Until then, you
    will need to run programs that need administrative powers that were not
    designed for Windows Vista "as administrator".

    Command-line programs do not automatically ask for permission. Not even the
    built-in ones. You will need to run the command prompt "as administrator" in
    order to run administrative command-line utilities.

    Working with files and folders from Windows Explorer can be a real pain when
    you are not working with your own files. When you are needing to work with
    system files, files that you didn't create, or files from another operating
    system, run Windows Explorer "as administrator". In the same vein, ANY
    program that you run that needs access to system files or files that you
    didn't create will need to be ran "as administrator".

    If you are going to be working with the control panel for a long time,
    running control.exe "as administrator" will make things less painful - you
    will only be asked for permission once, instead of every time you try to
    change a system-wide setting.

    In short:

    - Run command prompt as admin when you need to run admin utilities
    - Run setup programs as admin
    - Run programs not designed for Vista as admin if (and only if) they need
    admin access
    - Run Windows Explorer as admin when you need access to files that aren't
    yours or system files
    - Run programs that need access to files that aren't yours or system files
    as admin
    - Run control.exe as admin when changing many settings in the control panel


    * UAC is annoying, I want to turn it off

    Having to go through an extra step (clicking Continue) when opening
    administrative programs is annoying. And it is also very frustrating to run
    a program that needs admin power but doesn't automatically ask you for it
    (you have to right-click these programs and click Run As Administrator for
    them to run correctly).

    But, keep in mind that these small inconveniences are insignificant when
    weighed against the benefit: NO PROGRAM can get full access to your system
    without you being informed. The first time the permission dialog pops up and
    it is from some program that you know nothing about or that you do not want
    to have access to your system, you will be very glad that the Cancel button
    was available to you.


    * Answers to common questions and responses to common criticism

    Q: I have anti-virus, a firewall, a spyware-detector, or something similar.
    Why do I need UAC?

    A: Detectors can only see known threats. And of all the known threats in
    existence, they only detect the most common of those threats. With UAC
    turned on, *you* control what programs have access to your computer - you
    can stop ALL threats. Detectors are nice, but they're not enough. How many
    people do you know that have detectors of all kinds and yet are still
    infested with programs that they don't want on their computer? Everyone that
    I have ever helped falls into this category.


    Q: Does UAC replace anti-virus, a firewall, a spyware-detector, or similar
    programs?

    A: No. Microsoft recommends that you use a virus scanner and/or other types
    of security software. These types of programs compliment UAC: They will get
    rid of known threats for you. UAC will allow you to stop unknown threats, as
    well as prevent any program that you do not trust from gaining access to
    your computer.


    Q: I am a system administrator - I have no use for UAC.

    A: Really? You don't NEED to know when a program on your computer runs with
    admin powers? You are a system administrator and you really could care less
    when a program runs that has full control of your system, and possibly your
    entire domain? You're joking, right?


    Q: UAC keeps me from accessing files and folders

    A: No, it doesn't - UAC protects you from programs that would try to delete
    or modify system files and folders without your knowledge. If you want a
    program to have full access to the files on your computer, you will need to
    run it as admin. Or as an alternative, if possible, put the files it needs
    access to in a place that all programs have access to - such as your
    documents folder, or any folder under your user folder.


    Q: UAC stops programs from working correctly

    A: If a program needs admin power and it doesn't ask you for permission when
    it starts, you have to give it admin powers by right-clicking it and
    clicking Run As Administrator. Programs should work like they did in XP when
    you use Run As Administrator. If they don't, then this is a bug.


    Q: UAC keeps me from doing things that I could do in XP

    A: This is not the case. Just remember that programs that do not ask for
    permission when they start do not get admin access to your computer. If you
    are using a tool that needs admin access, right-click it and click Run As
    Administrator. It should work exactly as it did in XP. If it does not, then
    this is a bug.


    Q: UAC is Microsoft's way of controlling my computer and preventing me from
    using it!

    A: This is 100% UNTRUE. UAC puts control of your computer IN YOUR HANDS by
    allowing you to prevent unwanted programs from accessing your computer.
    *Everything* that you can do with UAC turned off, you can do with it turned
    on. If this is not the case, then that is a bug.


    Q: I don't need Windows to hold my freaking hand! I *know* what I've got on
    my computer, and I *know* when programs run! I am logged on as an
    ADMINISTRATOR for a dang reason!

    A: I accept the way that you think, and can see the logic, but I don't agree
    with this idea. UAC is putting POWER in your hands by letting you CONTROL
    what runs on your system. But you want to give up this control and allow all
    programs to run willy-nilly. Look, if you want to do this go right ahead,
    you can turn UAC off and things will return to how they worked in XP. But,
    don't be surprised when either 1) You run something by mistake that messes
    up your computer and/or domain, or 2) A program somehow gets on your
    computer that you know nothing about that takes over your computer and/or
    domain, and UAC would have allowed you to have stopped it.


    - JB

    Vista Support FAQ
    http://www.jimmah.com/vista/
     
    Jimmy Brush, Jul 31, 2006
    #1
    1. Advertisements

  2. Jimmy:
    Thanks for the excellent description and operation of UAC
    explanation.
     
    Dennis Pack x64, v64B2 \(5384\), OPP2007B2, Jul 31, 2006
    #2
    1. Advertisements

  3. Jimmy Brush

    Kerry Brown Guest

    <snipped>

    Very well said. Do you mind if I put this on my web site? Or better yet
    could you put it on your site and I'll link to it?

    I find UAC not very intrusive at all if you run as a standard user using
    "Run as administrator" when needed. There should rarely be a need to
    actually logon as an administrator. I can't remember the last time I logged
    on as root on my Linux system. Likewise I rarely logon as an administrator
    in my SBS domain. A properly setup and secured OS should rarely need someone
    logged on with system level access.
     
    Kerry Brown, Jul 31, 2006
    #3
  4. Jimmy Brush

    Jimmy Brush Guest

    Hello,

    I will be putting this on my website shortly, I will post the address when I
    do.

    Anybody is welcome to copy and publish this post ... the more people that
    know, the better :)

    - JB

    Vista Support FAQ
    http://www.jimmah.com/vista/
     
    Jimmy Brush, Jul 31, 2006
    #4
  5. Jimmy,

    Nice website, I'll link to it shortly.

    Thanks,
    Mario

    www.webacre.com
     
    Mario Rosario, Jul 31, 2006
    #5
  6. Jimmy Brush

    Chad Harris Guest

    In addition to Jimmy's always extremely well written answers, I would
    encourage everyone to read carefully ***what's on the UAC team blog as well
    as the Vista Security blog** and the blogs of the people who aren't on the
    UAC team, but are on other Vista teams at MSFT, and contribute to its blog
    regularly. On one of my other posts I put extensive links explaining UAC
    features. Following those two blogs will make your life with Vista and its
    security (whichever form it finally takes much easier):

    UAC Team Blog--Read posts from the archives--they are screenshot in detail;
    Scroll Down; Click on the Archives and previous recent dates.
    http://blogs.msdn.com/uac/

    http://blogs.msdn.com/uac/archive/2006/01/22/516066.aspx

    Also read the comments on the blog; they are full of tips.

    Check out the Windows Vista Security Blog
    http://blogs.msdn.com/windowsvistasecurity/

    Security Integrity Team Blog
    http://blogs.msdn.com/si_team/

    Antimalware Team Blog
    http://blogs.technet.com/antimalware/

    UAC Team Beta Vista Chats:

    6/22/06
    http://windowsconnected.com/forums/70/ShowForum.aspx

    9/28/05
    http://windowsconnected.com/forums/thread/2846.aspx

    and also check out these discussions:

    O'Reilly Dev Center: UAC Overview
    http://www.windowsdevcenter.com/pub/a/windows/2006/04/04/uac-in-windows-vista.html

    Technet UAC Overview
    http://www.microsoft.com/technet/windowsvista/security/uacppr.mspx

    UAC What's New in Beta 2?
    http://blogs.msdn.com/uac/archive/2006/06/21/641713.aspx

    UAC Articles Technet
    http://www.microsoft.com/technet/windowsvista/security/uac.mspx

    UAC Application Webcast
    http://blogs.msdn.com/uac/archive/2006/06/26/647384.aspx

    Q&A with UAC Vista PM Chris Corio
    http://windowsconnected.com/blogs/joshs_blog/archive/2006/01/21/558.aspx

    UAC Gone Wild (Not to be confused with Girls Gone Wild who can't decide how
    to wear their T-Shirts)
    http://techrepublic.com.com/5100-10877-6089415.html


    Enjoy.

    CH
     
    Chad Harris, Jul 31, 2006
    #6
  7. Jimmy Brush

    Beck Guest

    Excellent post, thankyou.
     
    Beck, Jul 31, 2006
    #7
  8. Jimmy Brush

    Jimmy Brush Guest

    OK, I have added this information on my website, plus added a section for
    beginners who are new to security in Windows so that they can better
    understand how security works and how UAC plays into the Windows security
    model.

    http://www.jimmah.com/vista/security/uac.aspx

    Thank you for your feedback (You and everybody else).

    - JB

    Vista Support FAQ
    http://www.jimmah.com/vista/
     
    Jimmy Brush, Jul 31, 2006
    #8
  9. Jimmy Brush

    Bernie Guest

    Okay already :) I've turned it back on and will link to your website.
     
    Bernie, Jul 31, 2006
    #9
  10. Jimmy Brush

    Alan Simpson Guest

    Well said Jimmy. But just a couple minor additions. Using a computer in a
    limited account for day-to-day stuff has been a security "best practice" for
    many years, and totally ignored outside the corporate environment for just
    as many years. Basically Vista makes that practice security best practice
    automatic and as painless as possible by letting you temporarily elevate
    on-the-fly on an as-needed basis.

    Also, for home users, there's a tie-in to parental controls here. From a
    password-protected administrative account you can set parental controls on
    children's standard accounts and monitor their computer and Internet use.
    The kids can't get to any of that from their standard accounts (without an
    administrative password). So they can't tamper with any of that.
     
    Alan Simpson, Jul 31, 2006
    #10
  11. Jimmy Brush

    Intel Inside Guest

    My thoughts too Jimmy.
    Well done


     
    Intel Inside, Jul 31, 2006
    #11
  12. Jimmy gets a "golf clap"
     
    Mark D. VandenBerg, Jul 31, 2006
    #12
  13. Jimmy Brush

    pippin Guest

    Thank you an excellent post.
    I did disable after reading it just bugs you etc I enabled again due to the
    AV error but as soon as I installed an AV which worked for me I have UAC
    enabled after reading this it will stay this way. I have alwys just run as
    Admin on XP but with Vista I will make sure I have learned the levels of
    security offered in my accounts and use them. The fact I will be alerted even
    if I know I was doing something is a benefit for my computer and for my
    learning. A simple RegProt didn't run for me this morning when it should have
    on XP this proved to me UAC would have definitely alerted (even when I knew I
    had to permit)

    Thanks to all the experts for teaching us why we have the various tools.
     
    pippin, Jul 31, 2006
    #13
  14. Jimmy Brush

    Alan Simpson Guest

    Here's another little tidbit related to trying to make security best
    practices the default settings for an OS. When XP first shipped it came with
    an Internet Connection Firewall (ICF). But it was turned off by default, and
    nobody knew about it. Millions of computers were infected by Blaster and
    similar worms, only because people didn't have their firewalls up. Had MS
    just turned that firewall on by default, those worms wouldn't have spread
    the way they did and millions of people would have been spared much misery.

    Lesson learned: Always make security best practices the default settings.
    That's why all security features are turned on by default in Service Pack 2.
    And that's why we have UAC, turned on by default, in Vista. Of course, Vista
    has way more security than that. But the UAC thing is yet another reflection
    of making security best practices the default from the get-go.
     
    Alan Simpson, Jul 31, 2006
    #14
  15. Jimmy Brush

    Chad Harris Guest

    Alan--

    I respectfully disagree that they make deployment of UAC "as painless as
    possible." I'm not the lone ranger here. Even the uber tin ears at Redmond
    on the UAC team have a sense that thousands of people are pissed off over
    the deployment of UAC, many who use Linux or adminstrate Linux servers
    saying that Linux manages to have the security MSFT is aiming for without
    the deployment horrors.

    Putting a box in someone's face ever time they touch the keyboard or mouse
    is not "as painless as possible" and that''s pretty much what it's been
    doing.

    I'm plenty confident about my security so I tweak it out of the way. BTW
    Gartner's figures still stand: If you have a hdw firewall (NAT in a
    router), decent software firewall and with the MMC advanced snap-in Vista
    sure provides that, and a decent AV program, and you update viral
    definitions (many AV programsdo itseemlessly now--and Norton does it
    "automatically" once every Wednesday in the PM Pacific (lol) or you can
    shortcut to intelligent updater and do it manually every day, and you apply
    the slew of hotfixes that will not be changing in Vista on the road to
    Blackcomb/Vienna/Sequel to Vista


    I would wait to draft the UAC chapter in your Vista book Allen and I have
    some useful links on my post "this will help." If UAC is deployed in its
    current state-- or close because what I know of the RC1 changes won't be all
    that different but will be better, then a lot of us worry (and I think with
    a basis from what I see on forums)

    1) web sites will spring up like Topsy that will help people turn it off
    because people get exasperated when they can't get things done. Not all
    installs for example have a .exe that can be right clicked to run as admin
    and people have trouble installing--the general population is going to be
    similar to the same population that used XP although I know MSFT envisions
    many first time users of Windows and 400,000,000 OEM 300 name partners Vista
    desktops installed that will be screwed out of reaching Win RE without a DVD
    that does it (not talking about corporate custom installs with that option
    either that the softy PMs have been invoking--'cause little Suzie and
    Johnnie desktop ain't no enterprise).

    2) People will ignore the similar looking UAC boxes that spring up every
    time someone wants to transfer a file or folder from their Vista boot to the
    XP boot (you don't get it if you're reversing that procedure) and will
    automatically click them--sometimes with downside consequences.

    A few changes in RC1 for UAC will be:

    When connecting to a network, you should see
    a.. No UAC elevation when connecting to a wireless connection
    Deleting a shortcut from the desktop will no longer require elevation for
    administrators
    a.. Task Manager launches right away and allows the user to elevate later

    b.. Copying or moving multiple files to protected folders should require
    only one prompt to gain access

    c.. The Find New Hardware experience has been changed to remove the UAC
    prompt until the user is ready to install the device

    d.. "Set Focus" work has been done so that UAC prompts from applications
    running in the background do not interrupt users' workflow. The users will
    instead see a blinking item in the taskbar in these situations

    e.. The OS has been scrubbed for UAC prompts, the net benefit being that
    the number of UAC prompts is now reduced

    f.. A much-requested feature from our IT community: Elevated command
    prompts are distinguished by prefixing "Administrator:" to the title

    g.. We've added a new ActiveX Installer Service so that administrators can
    give Standard Users permissions to install controls from trusted sites

    h.. All UAC prompts have been scrubbed so as to be more consistent and
    informative, and also to provide users with improved context for deciding
    whether to permit/deny the prompt

    UAC Team Blog--Read posts from the archives--they are screenshot in detail;
    Scroll Down; Click on the Archives and previous recent dates.
    http://blogs.msdn.com/uac/

    http://blogs.msdn.com/uac/archive/2006/01/22/516066.aspx

    Also read the comments on this blog from other MSFT teams; they are full of
    tips.

    Check out the Windows Vista Security Blog
    http://blogs.msdn.com/windowsvistasecurity/

    Security Integrity Team Blog
    http://blogs.msdn.com/si_team/

    Antimalware Team Blog
    http://blogs.technet.com/antimalware/

    UAC Team Beta Vista Chats:

    6/22/06
    http://windowsconnected.com/forums/70/ShowForum.aspx

    9/28/05
    http://windowsconnected.com/forums/thread/2846.aspx

    and also check out these discussions:

    O'Reilly Dev Center: UAC Overview
    http://www.windowsdevcenter.com/pub/a/windows/2006/04/04/uac-in-windows-vista.html

    Technet UAC Overview
    http://www.microsoft.com/technet/windowsvista/security/uacppr.mspx

    UAC What's New in Beta 2?
    http://blogs.msdn.com/uac/archive/2006/06/21/641713.aspx

    UAC Articles Technet
    http://www.microsoft.com/technet/windowsvista/security/uac.mspx

    UAC Application Webcast
    http://blogs.msdn.com/uac/archive/2006/06/26/647384.aspx

    Q&A with UAC Vista PM Chris Corio
    http://windowsconnected.com/blogs/joshs_blog/archive/2006/01/21/558.aspx

    UAC Gone Wild (Not to be confused with Girls Gone Wild who can't decide how
    to wear their T-Shirts)
    http://techrepublic.com.com/5100-10877-6089415.html


    Enjoy.

    CH
     
    Chad Harris, Jul 31, 2006
    #15
  16. Jimmy Brush

    Chad Harris Guest

    I'm plenty confident about my security so I tweak it out of the way if it
    begins to get in the way. BTW
    Gartner's figures still stand: If you have a hdw firewall (NAT in a
    router), decent software firewall and with the MMC advanced snap-in Vista
    sure provides that, and a decent AV program, and you update viral
    definitions (many AV programsdo itseemlessly now--and Norton does it
    "automatically" once every Wednesday in the PM Pacific (lol) or you can
    shortcut to intelligent updater and do it manually every day, and you apply
    the slew of hotfixes that will not be changing in Vista on the road to
    Blackcomb/Vienna/Sequel to Vista you have much less than a 1`% chance--a
    very small fraction of it to contract malicious ware. Spyware can be
    easily handled by the most inexperienced user if they use 2-3 scanners. I
    don't find Defender has any dramatic advantage over many others, but it's
    still a work in progress.

    Where UAC is helpful is in limiting access to your box for certain Trojans,
    blended threats, or possibly someone who gains access to the computer if you
    lose it.

    UAC Team Blog--Read posts from the archives--they are screenshot in detail;
    Scroll Down; Click on the Archives and previous recent dates.
    http://blogs.msdn.com/uac/

    http://blogs.msdn.com/uac/archive/2006/01/22/516066.aspx

    Also read the comments on this blog from other MSFT teams; they are full of
    tips.

    Check out the Windows Vista Security Blog
    http://blogs.msdn.com/windowsvistasecurity/

    Security Integrity Team Blog
    http://blogs.msdn.com/si_team/

    Antimalware Team Blog
    http://blogs.technet.com/antimalware/

    UAC Team Beta Vista Chats:

    6/22/06
    http://windowsconnected.com/forums/70/ShowForum.aspx

    9/28/05
    http://windowsconnected.com/forums/thread/2846.aspx

    and also check out these discussions:

    O'Reilly Dev Center: UAC Overview
    http://www.windowsdevcenter.com/pub/a/windows/2006/04/04/uac-in-windows-vista.html

    Technet UAC Overview
    http://www.microsoft.com/technet/windowsvista/security/uacppr.mspx

    UAC What's New in Beta 2?
    http://blogs.msdn.com/uac/archive/2006/06/21/641713.aspx

    UAC Articles Technet
    http://www.microsoft.com/technet/windowsvista/security/uac.mspx

    UAC Application Webcast
    http://blogs.msdn.com/uac/archive/2006/06/26/647384.aspx

    Q&A with UAC Vista PM Chris Corio
    http://windowsconnected.com/blogs/joshs_blog/archive/2006/01/21/558.aspx

    UAC Gone Wild (Not to be confused with Girls Gone Wild who can't decide how
    to wear their T-Shirts)
    http://techrepublic.com.com/5100-10877-6089415.html


    Enjoy.

    CH





    CH
     
    Chad Harris, Jul 31, 2006
    #16
  17. Jimmy Brush

    Chad Harris Guest

    I think this is a good bit of supplemental info on UAC as well as Aaron's
    blog and will help you make it more usable and understand it better.

    What is a "LUA Bug"? (And what isn't a LUA bug?)
    http://blogs.msdn.com/aaron_margosis/archive/2006/02/06/525455.aspx

    Problems of Privilege: Find and Fix LUA Bugs (From Technet Magazine by Aaron
    Margolis)
    http://www.microsoft.com/technet/technetmag/issues/2006/08/LUABugs/

    Fixing "LUA bugs", Part I
    http://blogs.msdn.com/aaron_margosis/archive/2006/02/16/533077.aspx

    Fixing "LUA Bugs", Part II

    http://blogs.msdn.com/aaron_margosis/archive/2006/03/27/562091.aspx

    Changing access control on folders vs. files
    http://blogs.msdn.com/aaron_margosis/archive/2006/06/19/638148.aspx

    Anti-virus vs. Non-Admin
    http://blogs.msdn.com/aaron_margosis/archive/2006/06/02/614226.aspx

    UAC Team Blog--Read posts from the archives--they are screenshot in detail;
    Scroll Down; Click on the Archives and previous recent dates.
    http://blogs.msdn.com/uac/

    http://blogs.msdn.com/uac/archive/2006/01/22/516066.aspx

    Also read the comments on this blog from other MSFT teams; they are full of
    tips.

    Check out the Windows Vista Security Blog
    http://blogs.msdn.com/windowsvistasecurity/

    Security Integrity Team Blog
    http://blogs.msdn.com/si_team/

    Antimalware Team Blog
    http://blogs.technet.com/antimalware/

    UAC Team Beta Vista Chats:

    6/22/06
    http://windowsconnected.com/forums/70/ShowForum.aspx

    9/28/05
    http://windowsconnected.com/forums/thread/2846.aspx

    and also check out these discussions:

    O'Reilly Dev Center: UAC Overview
    http://www.windowsdevcenter.com/pub/a/windows/2006/04/04/uac-in-windows-vista.html

    Technet UAC Overview
    http://www.microsoft.com/technet/windowsvista/security/uacppr.mspx

    UAC What's New in Beta 2?
    http://blogs.msdn.com/uac/archive/2006/06/21/641713.aspx

    UAC Articles Technet
    http://www.microsoft.com/technet/windowsvista/security/uac.mspx

    http://www.microsoft.com/technet/windowsvista/security/uacppr.mspx

    UAC Application Webcast
    http://blogs.msdn.com/uac/archive/2006/06/26/647384.aspx

    Q&A with UAC Vista PM Chris Corio
    http://windowsconnected.com/blogs/joshs_blog/archive/2006/01/21/558.aspx

    UAC Gone Wild (Not to be confused with Girls Gone Wild who can't decide how
    to wear their T-Shirts)
    http://techrepublic.com.com/5100-10877-6089415.html

    Jimmy Brush's Article on UAC

    http://www.jimmah.com/vista/ Click on Security or
    http://www.jimmah.com/vista/category.aspx?id=security


    Enjoy.

    CH
     
    Chad Harris, Jul 31, 2006
    #17
  18. Jimmy Brush

    Alan Simpson Guest

    Sorry for playing loose and fast on the value judgments and product
    comparisons. Let me rephrase:

    "The idea is to bring security best practices to consumers who don't
    understand the risks or how to protect themselves."

    As a general addendum to all my posts, I'd add "If you have a product that
    does what you need, and you like it better than Vista, use that product
    instead of Vista".
     
    Alan Simpson, Jul 31, 2006
    #18
  19. Jimmy Brush

    Don Short Guest

    Q: I'm just a average user, how am I supposed to know what needs to run and
    what doesn't?
     
    Don Short, Jul 31, 2006
    #19
  20. Jimmy Brush

    Chad Harris Guest

    Read any of the the links I provided for you to spell it out and start with
    the Technet and the UAC team screenshots and Jimmy Brush's excellent writeup
    on his site.

    CH
     
    Chad Harris, Jul 31, 2006
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.