RE USERS and SECURITY

Discussion in 'Windows 7 Help and Support' started by ruggb, Feb 22, 2012.

  1. ruggb

    ruggb Honorable Member

    Joined:
    Jan 14, 2009
    Messages:
    510
    Likes Received:
    4
    it is purported that creating a separate admin account then setting your admin acct to a std user helps with warding of malware. In order to do any admin tasks u must enter a PW.

    The purpose of UAC is to help ward off malware. If set at default, in order to perform admin functions u must dismiss the UAC prompt with a yes/no.

    In either case u must do something to proceed.

    The question is -- what additional protection does a std account give u over UAC?

    IE, what admin tasks can malware perform that will not trigger UAC such that a std account will provide protection?

    thx
     
  2. Mike

    Mike Windows Forum Admin
    Staff Member Premium Supporter

    Joined:
    Jul 22, 2005
    Messages:
    8,488
    Likes Received:
    783
    The standard account will require elevated privileges and admin authorization to perform actions that require administrative access. I.E. Overriding filesystem permissions or installing certain software that modifies system configuration or requires administrative authorization.
     
  3. ruggb

    ruggb Honorable Member

    Joined:
    Jan 14, 2009
    Messages:
    510
    Likes Received:
    4
    Thx Mike

    But what I am not understanding is - UAC asks about this requesting a clk - for a std user the 'ask' requests a pw.
    Once allowed, what is different?

    Are there actions UAC does not warn about that a std user prevents?
    If so what are they?
     
  4. Mike

    Mike Windows Forum Admin
    Staff Member Premium Supporter

    Joined:
    Jul 22, 2005
    Messages:
    8,488
    Likes Received:
    783
    The elevation prompt requires user interaction to confirm that an authorized transaction is taking place. When an account has administrative access, the account user has agreed to use this type of pre-screening to prevent unauthorized changes to the system that require elevation. For example, as an administrator, you will still run many applications without elevated privileges under UAC. Actions that require elevation will require you to run that program using "Run as Administrator".

    Running as a standard user also requires this confirmation, and an administrator password for an additional layer of security.

    Here is further information about it, particularly "Over-the-Shoulder" and "Admin Approval Mode" should be of interest to you in understanding these transactions:

    Lesson 2: Understanding User Account Control (UAC)
     

Share This Page

Loading...