Enter the world of Windows 7 User Account Control (UAC) (1)

  
You may have heard of User Account Control (UAC). The term first appeared in Windows Vista, and it has been the most watched, most discussed, and most controversial technology since the XP system. Now it is in Windows 7. Will the feature still be controversial there, or will it win praise? This article compares and analyzes the old and new UAC technology to help you find the answer. If you are curious about User Account Control (UAC) in Windows 7, follow along with the editor.

What UAC is designed for

UAC was originally designed to solve the problem of applications that require administrative privileges, which led to end users being configured as local administrators. In the beginning, UAC was called LUA (least-privileged user access), but it was quickly renamed because it was more than just a solution to that problem.

The final UAC product is a security technology aimed at protecting operating system files and the registry, preventing malicious software, viruses, and other code from updating protected areas of the computer. Malware attempts to add, modify, and remove key components of the operating system in order to control the computer without being discovered.

How UAC runs

UAC operates in a similar way in Vista and Windows 7, although Windows 7 has some features that are not in Vista, which we will discuss below. The job of UAC is to remove "privilege" from the applications, tasks, functions, and actions that a user performs in routine work. UAC applies in two different modes: users who are members of the local Administrators group and users who are not members of the local Administrators group.

If we look at how UAC works in Vista, we can then compare the differences with Windows 7. We need to look at both modes of operation. First, consider the non-administrator logon. In this case the user has not logged on with administrative credentials, so any application, task, or feature that requires administrative privileges cannot run. When UAC is enabled (a confirmation dialog pops up by default), a dialog box asks the user to enter the username and password of an account with administrative rights. Once this information is entered, only the application, task, or function that UAC flagged as requiring elevation runs with administrative rights. The UAC popup confirmation dialog is displayed.

Next, we need to examine UAC in Vista when an "administrator" has logged on. In this case, when a user with administrator privileges logs on, UAC essentially strips all administrative rights until a task requires administrative privileges. As a result, background applications, viruses, malware, worms, and the like cannot use the logon credentials to modify operating system files and the registry. If we look at the access token after a user account that is a member of the Domain Admins group has logged on, we can clearly see that the "admin privilege" has been removed. It clearly shows that the Domain Admins group SID is set to "deny" in the token.
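The token state described above can be read from the group list that `whoami /groups` prints. The following is an added example, not code from the original article: it parses a constructed sample in the shape of `whoami /groups /fo csv` output (English-language system assumed; the domain name and SID are placeholders) and reports whether the administrative group SIDs are deny-only (filtered token) or enabled (elevated token).

```python
import csv
import io

# Constructed sample, shaped like `whoami /groups /fo csv` for an administrator
# logged on with UAC enabled. EXAMPLE and the S-1-5-21-... domain SID are
# made-up placeholders, not values from the article.
SAMPLE = r'''"Group Name","Type","SID","Attributes"
"Everyone","Well-known group","S-1-1-0","Mandatory group, Enabled by default, Enabled group"
"BUILTIN\Administrators","Alias","S-1-5-32-544","Group used for deny only"
"BUILTIN\Users","Alias","S-1-5-32-545","Mandatory group, Enabled by default, Enabled group"
"EXAMPLE\Domain Admins","Group","S-1-5-21-1111111111-2222222222-3333333333-512","Group used for deny only"
"Mandatory Label\Medium Mandatory Level","Label","S-1-16-8192","Mandatory group, Enabled by default, Enabled group"
'''

ADMIN_ALIAS = "S-1-5-32-544"      # BUILTIN\Administrators
ADMIN_RIDS = {"512", "519"}       # Domain Admins, Enterprise Admins
LABELS = {"S-1-16-4096": "low", "S-1-16-8192": "medium",
          "S-1-16-12288": "high", "S-1-16-16384": "system"}

def is_admin_sid(sid):
    """True for the local Administrators alias or a domain admin group RID."""
    return sid == ADMIN_ALIAS or (
        sid.startswith("S-1-5-21-") and sid.rsplit("-", 1)[1] in ADMIN_RIDS)

def classify_token(csv_text):
    """Classify a token from its group list: filtered, elevated or standard."""
    deny_only, enabled, integrity = [], [], None
    for row in csv.DictReader(io.StringIO(csv_text)):
        sid, attrs = row["SID"], row["Attributes"].lower()
        if sid in LABELS:
            integrity = LABELS[sid]           # mandatory integrity level
        elif is_admin_sid(sid):
            # Deny-only SIDs can match deny ACEs but never grant access.
            (deny_only if "deny only" in attrs else enabled).append(row["Group Name"])
    if enabled:
        state = "elevated"    # admin group SIDs are live in this token
    elif deny_only:
        state = "filtered"    # admin user, but UAC has stripped the rights
    else:
        state = "standard"    # no administrative group membership at all
    return {"state": state, "integrity": integrity,
            "deny_only": deny_only, "enabled": enabled}

if __name__ == "__main__":
    print(classify_token(SAMPLE))
```

A process that reports `filtered` with a medium integrity level belongs to an administrator whose rights UAC has withheld; the same account after consenting to a prompt reports `elevated`.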

This is the most important aspect of the administrator logon: because almost all malicious programs are written to take advantage of the credentials of the currently logged-on user, the deny entry in the token makes those programs fail. Of course, the downside is that all applications (even those that are well known) will pop up a confirmation dialog at startup before the program starts.

When you run ten applications that are known to be safe and see the confirmation box for the tenth time, you will find it very tiresome. We know that security has always been a hassle. However, with this in place, when a malicious application tries to touch a protected file or registry key, a prompt appears telling the user that something is running in the background even though the user has not started any program.

This is the safest UAC mode: both non-administrators and administrators are prompted for any task they start that requires administrative privileges. Any protection mode lower than this prompt mode does not protect the computer from malware or viruses, because background activity is hard to spot and will change the system.