Tech Support Forum Guide on UAC

Document Sample
Tech Support Forum Guide on UAC Powered By Docstoc
					UAC or User Account Control is a new security-related computer technology
introduced with Microsoft Windows Vista. It now also comes with Windows
07 and Windows Server 2008.In the UAC, when an administrator logs on to a
computer running Windows, two distinct access tokens are granted to a
user. Access tokens include a user's group membership and data they are
authorized to access. Before Windows Vista, an administrator account had
only one access token that included data which the user was permitted to
access. This one token access control model did not have any fail safe
checks to verify that users truly wanted to perform a function that
required their administrative access token. Consequently, malicious
software could install on users' computers without notifying the users.
This is also sometimes called as "silent" installation. In this way, such
malicious software has the potentiality to use administrator's access
control data to affect core operating system files. In some instances, it
becomes nearly impossible to undo the harm.Microsoft developed UAC
feature to help prevent malicious software from installing silently and
causing infection in the entire set of networked computers. Unlike past
versions of Windows, now, when an administrator logs on to a computer
running Windows Vista, administrator access token is split into two
access tokens: a full administrator access token and a standard user
access token. During the process of logon, authorization and access
control features that identify an administrator are removed. The standard
user access token is used to initialize the desktop, Explorer.exe
process. As all applications derive their access control input from the
initial launch of the desktop, they all operate as a standard user only.
When an administrator logs on, full administrator access token is not
activated until the user attempts to perform an administrative task.User
Account Control allows administrators to carry day-to-day tasks as non-
administrators. They are called standard users in Windows Vista. A
standard user account is equivalent to a user account in Windows XP. It
allows administrators without requiring switching users, use Run As, and
log off. Local Administrators group can have number of user accounts as
members. Such user accounts can run most applications as a standard
user.The key difference between an administrator and standard user in
Windows Vista is the level of access the user has over core, protected
areas of the computer system. Now, using Windows Vista or Windows 07, an
administrator can reconfigure system state, configure security policy,
turn off the firewall, and install a driver or a service which affects
all users on the computer. An administrator can install software for the
entire computer. Standard users cannot operate these tasks. They can only
install per-user software.
You as an administrator need to make full use of UAC to further
strengthen data security of your business entity. It is imperative that
you make full use of it for providing you with a reliable computing
platform. As an IT planner, you need to implement a sound security block
that distinguishes between administrators and general users without
compromising on security and work performance. Full implementation of UAC
will certainly bring you one step closer to that.User Account Control is
an important feature that separates user and administrator functions
without compromising security. It enhances productivity in multi-user
computer settings.

mr doen mr doen mr
About just a nice girl