[lt.gif]
[rt.gif]

logo






shield shield

 DDACS 2.0.1

   Protect yourself at all times!





User Account Control and User Security

Windows User Account Control is a feature available in Microsoft operating systems since Windows Vista. According to Microsoft, it "is a fundamental component of Microsoft's overall security vision" and "helps mitigate the impact of malware"
[https://docs.microsoft.com/en-us/windows/security/identity-protection/user-account-control/how-user-account-control-works]

So what is Windows UAC, what it attempts to solve and what it solves?

User control is a concept known from original UNIX, since early 1970s. In simple, it means that there are multiple users, and files/objects (in UNIX "everything is a file") have permissions set. Owning user, group to which (s)he belongs and other users (anybody) can/can't read, write or execute the file.

In UNIX the problem to solve and the solution was pretty clear. There was one big computer and many real, physical users who sat at individual terminals and could work with the system possibly at the same time. If getting too high permissions (going overprivileged), users could accidentially or intentionally harm each other or the entire system. Consequently, users were granted only permissions enough to do anything with their partition of resources, which they needed to do their work. A superuser root was defined for IT administration people who managed system software, other users and performed other management tasks.

In Windows it was always there, despite that prior to Vista UAC was not named "a feature" and was not largely advertised. Windows NT, which is the base of today's Windows, was designed and developed a full-featured multi-user operating system since its inception; originally it was intended for enterprise multi-user and server use.

But Windows is used on Personal Computers, and almost all its use today is personal. You are the owner and mostly the only user of your PC, you need to install/uninstall programs, configure computer - in other words perform administration tasks. Of course, you need superuser access, but who are these other users, whom you need to control? What tools UAC brings to you to improve your computer's security?

For most of the time the only tool you will meet is an alert dialog with caption "User Accout Control" that asks you: "Do you want to allow the following program to make changes to this computer?" and displays the program's name. The alert appears when the program is started, either because it requests Administrator privileges in its manifest, or because you chose "Run as administrator" from menu when starting it.

Leaving aside the later case that doesn't make any sense - you are alerted on your own conscious decision to run a program as administrator - the first case tells you something about the program being started: that it wants to have all possible access to your computer.

So you are presented a choice: you need to decide whether to allow the program all access or not. How would you decide?

Probably you will first look on the program's name and may be think for a moment if the program's functionality needs administrator access. If it's something well known to you that you started yourself, the answer is easy. Otherwise, if you are really careful you may check the progam's author and digital signatures. Let's suppose that all is good, will you allow administrator privileges?

UAC doesn't provide you with instruments to make an educated decision. The program may be innocent, but contain bugs or functionality that can be exploited (be especially careful when asked about administrator privileges to run programs that you didn't start yourself, especially such as command prompt, reg etc.) Some well-known programs may request administrator privileges for no apparent reason (Skype, Adobe ARM). Finally, installers almost always request administrator privileges - and you can never be sure when installing a new program that it won't attempt something bad as part of "installation".

UAC doesn't help understand if a program attempts something dangerous, it only lets you decide if provide it with enough privileges to harm or not.

Besides, there is enough harm that can be done with improper access without administrator privileges.

Summarizing, we can see that Windows User Account Control doesn't change a lot security level of your computer. Threat today comes from programs, not users, and only tools that implement Programs Access Control (block or alert on particular dangerous access attempted by a program) can significantly improve your security.







© Daniel Drubin 2020