Managing your Windows 7 User Account Control (UAC)

Windows User Account Control (UAC) notifies users if an authorised application attempts to install/make a change to your system. The idea behind UAC, developed for Vista, was to allow users more management and control of apps being installed – and most important of all malicious apps i.e.scareware/rogue antivirus software.

The default UAC settings for Windows 7 is that actions by a user are separated from the actions used by apps. This means that if a user makes a change to an app, they will not be prompted by the UAC. If an app makes a change, UAC will prompt the user to either accept or deny the app permission to make the system change.The different levels of UAC a user can change will effect what displays a prompt and what doesn’t, and whether you must enter credentials in order to use the admin token (for the tech savvy among us – every account has a security token – this token defines a user right/permission).

TIP: Click the Windows 7 logo on the TASK BAR and type “CMD” in ‘Start Search programs and files Box’ and type in the COMMAND CONSOLE window “whoami/all’ – this will highlight the current users/groups.

How to modify UAC default settings:

  • Type “UAC” in ‘Start Search programs and files Box’ (this is the quick method)
  • Click “Change User Account Control Settings”
  • Make sure you use the ‘Default’ setting*
  • I’d suggest you don’t use the ‘Never Notify’ unless that is you use HIPS software (see below)
  • There is also a Group Policy setting, but this isn’t required for home users

*VISTA used the ‘Always Notify’ UAC permission which annoyed its users – I suggest you don’t use this.

Some malware in the wild has been seen to infect or modify system files associated with the UAC. HIPS based apps like NovaShield, Prevx, Mamutu and DefenseWall for example provide more comprehensive app privilege protection (and kernel protection i.e. anti-malware behavior detection/remediation) than the Windows 7 UAC. You can have UAC and one of these HIPS apps, but you’ll end up making two clicks to allow or deny an app rather than one.

Safe surfing folks!

This entry was posted in malware, windows. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *