Featured Article: Why UAC works and how it can be improved in Windows 7



There’s been a lot of confusion around User Account Control (UAC), even almost 2 years after the concept was introduced in Windows Vista. This is largely due to Microsoft overestimating the ability of third-party developers to develop or change software that will be “UAC friendly,” which resulted in a ridiculous number of UAC prompts for early adopters of Vista. Thankfully these issues were fixed when Vista SP1 was released, which helped decrease the number of UAC prompts generated by 80%. Some love UAC, but most hate it because Microsoft executed it poorly and did a poor job of presenting it as a useful tool. But the thing is, it works.

First, let’s talk about why UAC works. Without UAC, an administrator logged on to perform whatever tasks he or she might want on the computer will receive administrator privileges all the time, giving him or her unlimited access to everything. So should some sort of malware end up on your computer while you are logged in as administrator, it would also be given administrator privileges and could be a huge threat to your computer.

But when UAC is enabled, even the administrator is treated as a standard user. When a task requiring administrative privileges is performed, UAC prompts you and asks you if you want to give the application elevated privileges. This is why UAC works well as a security feature.
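To see the behaviour described above on a live machine, the following PowerShell sketch (an added example, not part of the original article) reports whether the current process holds the full administrator token or the filtered standard-user one, alongside the UAC policy values Windows stores in the registry. It assumes English-language `whoami` output, since the column names and attribute text are localized.

```powershell
# Added example: report how UAC is shaping the current logon token.
# Assumption: English 'whoami' column names and attribute text (they are localized).

$policyKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$policy    = Get-ItemProperty -Path $policyKey

# True only when this process runs with the full (elevated) administrator token.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
$elevated  = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)

# BUILTIN\Administrators (well-known SID S-1-5-32-544) as it appears in the token.
$adminGroup = whoami /groups /fo csv | ConvertFrom-Csv |
    Where-Object { $_.SID -eq 'S-1-5-32-544' }

$state = if ($elevated) {
    'Elevated: full administrator token in use'
} elseif ($adminGroup -and $adminGroup.Attributes -match 'deny only') {
    # The group is present but can only be used to deny access: the UAC-filtered token.
    'Filtered: administrator account running with standard-user rights'
} elseif ($adminGroup) {
    'Administrators group present but not enabled'
} else {
    'Standard user: not a member of Administrators'
}

[pscustomobject]@{
    User          = $identity.Name
    TokenState    = $state
    UacEnabled    = ($policy.EnableLUA -eq 1)
    AdminPrompt   = $policy.ConsentPromptBehaviorAdmin
    UserPrompt    = $policy.ConsentPromptBehaviorUser
    SecureDesktop = ($policy.PromptOnSecureDesktop -eq 1)
}
```

Run it once from a normal console and once from a console started with "Run as administrator" under the same administrator account: with UAC enabled, `TokenState` changes from Filtered to Elevated.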

One big problem arises when a standard user needs to perform a simple administrative task such as installing a program: they need administrative credentials to do so, which defeats the whole purpose of having a separate administrator users group in the first place. The Microsoft Standard User Analyzer, found in the Application Compatibility Toolkit, does help. You can also use alternatives such as the BeyondTrust Privilege Manager, which allows users to run as standard users until they need to perform an administrative task.

In Windows 7, UAC prompts are to be reduced dramatically, and from my experience with Windows 7 so far, they have been reduced. Ben Fathi of the Windows 7 Development team gave 2 main points on how UAC will be improved in Windows 7:

1) Broaden the control you have over the UAC notifications. We will continue to give you control over the changes made to your system, but in Windows 7, we will also provide options such that when you use the system as an administrator you can determine the range of notifications that you receive.

2) Provide additional and more relevant information in the user interface. We will improve the dialog UI so that you can better understand and make more informed choices.

Fathi’s points are very general, but seem to address the main problems of UAC in Windows Vista. Specifically speaking, these are some things Microsoft should consider for UAC in Windows 7:

  • Recognize Trends: If the same application or task is triggering UAC to send a prompt continuously, UAC should recognize this and provide the option for the user to allow or deny activity automatically in the future, or for that session. To avoid confusion, these options can be hidden until UAC recognizes that prompts are being repeatedly shown. They can also be enabled by default in the UAC settings panel. This allows advanced users to take control of UAC, and prevents regular users from mistakenly selecting an option.
  • Provide suggestions based on a “blacklist” like in Driver Protection: Microsoft is going to have to work hard to make UAC seem “useful” again after tainting it with poor execution in the beginning. Part of “providing more relevant information” could involve some kind of alert or warning included in a UAC prompt when the task or application is recognized as potentially harmful or dangerous.
  • Allow UAC customization per user group: One of UAC’s biggest flaws is that standard users are given no freedom to perform the few administrative tasks that they still need, such as installing specific programs. UAC could fix this by providing customizable “exceptions” or rules for each specific user or user group. A “trusted application or tasks” list could work too.
  • Provide a Basic and Advanced UAC layout: Judging from how simple the User Account Control settings are, Microsoft is probably trying to portray UAC as a simple yet effective security tool. The simplicity can be a downfall for IT admins, while the complexity can be a downfall for normal users. Microsoft can provide advanced options for those who really need them.

Microsoft especially needs to prove to users, particularly those who disabled UAC, that UAC in Windows 7 is an improved and refined tool that is useful and efficient. What are some ways you would want to improve Windows 7’s UAC? Please let us know in the comments below.


8 Responses to “Featured Article: Why UAC works and how it can be improved in Windows 7”

  1. Josh says:

    Good post… however I have a couple comments, firstly I’m not sure if Microsoft ‘over-estimating’ third-party developers, UAC was a deliberate tack to force them into changing and based on the statistics shown on the Engineering Seven blog it seems to have worked.
    Secondly, while I agree with the last 2 points you suggest, the 1st two look like the reasons Norton stated after releasing their own UAC replacement tool. The problem with these is that while they seem more user-friendly and make sense, they are actually security issues in themselves, and it’s understandable why Microsoft chose not to do that.

    • Brian says:

      Hello and welcome to the website. I think I might’ve used the wrong word by saying “over-estimating.” But perhaps they could have done something to help developers convert to writing more UAC friendly apps.

      I have not taken a look at Norton’s UAC tool, is it a much better improvement than the default Vista tool?

      I agree with you on the first point. The trends can prove to be unsafe for users that aren’t completely aware or techy. Why do you think the blacklist idea may be unsafe?

  2. Patrick says:

    Good article explaining UAC, it does work, it’s just that they were off to a rough start and all the other websites think it’s cool now to be bashing whatever Microsoft puts out (ahem Infoworld…) The 1st point you made can be a bit tricky, the person on the other end could take it that Microsoft is suggesting them to allow or deny automatically, and should something happen to their computer, Windows 7 will just get some bad press again.

  3. Well, it’s true that UAC is quite annoying in the early version of Windows Vista (even though we know it has security importance).

    I hope the next Windows version (Windows 7) will improve Windows security more.

  4. exinco says:

    I never use Windows Vista, but I think the features are good news for personal and corporate users.

  6. любoвь says:

    Interesting. In general, reading your blog is not just mindless browsing of various topics or reading all sorts of nonsense about what someone did today, but finding genuinely useful information.
