Microsoft’s Plea: Don’t Turn Off User Account Control

A Microsoft security guru is pleading with Windows Vista beta testers to not turn off the User Account Control feature, regardless of how annoying it is.

Jesper Johansson, a senior security strategist in the Security Technology Unit at Microsoft, admits that the current implementation of UAC presents too many privilege escalation pop-up prompts, but he insists there is a method to the apparent madness.

“Unless we get feedback on what works and what does not, we can’t fix it. If you disable critical technologies that we are trying to get to work, we can’t fix them,” Johansson said in a blog entry. “That means that, yes, some things will be annoying and not work quite right in the final release, unless people work with us to fix them,” he added.

With UAC, formerly called LUA (Limited User Account), Microsoft believes it has significantly changed the malware threat landscape by limiting the way malicious code runs on the operating system.

By default, current versions of Windows configure most user accounts as a member of the administrator group, giving users all system privileges and capabilities. This allows users to install and configure applications and make system changes, but it presents a serious security risk because malware writers could take complete control of an exploited system.

In Windows Vista, UAC will separate standard user privileges and activities from those that require administrator access, a modification aimed at thwarting virus, spyware, Trojan and rootkit attacks.

However, in its current implementation, UAC requires that users click on multiple security prompts before carrying out some of the most basic computer tasks.

Faced with the reality that Vista beta testers are turning off the UAC feature in frustration, Johansson is pleading for some support. He explained that Microsoft is using crash dumps from the OCA (online crash analysis) error reporting tool to pinpoint legacy applications and other programs that are not UAC-compatible.

Microsoft’s transformation from laughingstock to industry heavyweight in the IT security sector is beginning to bear fruit. Click here to read more.

“UAC allows us to quickly spot all the broken apps out there so that we can either shim them to run as nonadmins or get them fixed. This latter is at the same time the most subtle and arguably most important of the things UAC does. It is also in many cases the most obvious, and the reason many people want to turn UAC off,” Johansson said.

Read the full story on eWEEK.com: Microsoft’s Plea: Don’t Turn Off User Account Control

Neuroscientist reveals a new way to manifest more financial abundance

Breakthrough Columbia study confirms the brain region is 250 million years old, the size of a walnut and accessible inside your brain right now.

Learn More

Picture of Ryan Naraine

Ryan Naraine

TRENDING AROUND THE WEB

If you recognize these 7 signs, you have a better relationship with your children than you think

If you recognize these 7 signs, you have a better relationship with your children than you think

The Blog Herald

People who put down others to feel better about themselves typically have these 10 insecurities

People who put down others to feel better about themselves typically have these 10 insecurities

Global English Editing

6 subtle signs you will be wealthy one day (even if you don’t have much yet)

6 subtle signs you will be wealthy one day (even if you don’t have much yet)

Personal Branding Blog

If you want to be more respected as you get older, say goodbye to these 7 little habits

If you want to be more respected as you get older, say goodbye to these 7 little habits

Small Business Bonfire

Intuition: If you’re not listening, you’re missing the certainty of the universe

Intuition: If you’re not listening, you’re missing the certainty of the universe

The Vessel

If you’re going through challenging times, these 6 habits will make you stronger

If you’re going through challenging times, these 6 habits will make you stronger

Jeanette Brown