Ask Leo: Is it safe to run as admin now that Windows 7 has UAC?


By Leo Notenboom

What are your recommendations regarding User Account Control and operating a PC as an administrator in Windows 7? I’ve read many times that one shouldn’t routinely operate a computer while logged in as an administrator, but when you set up Windows on a new computer, the first user that you create is automatically an administrator on that PC. That makes it easy to get through User Access Control prompts by just clicking Yes. Is that risky? If you create a non-administrator user and log in as that user, UAC quite often prompts you for the user name and password of an administrator. Is there a benefit to that?

You’ll get a variety of opinions on this one.

I tend to fall on the side of pragmatism. What that means is that it depends
on just how much you trust the user of your computer.

And it’s probably not the type of “trust” that you think.

User Account Control

User Account Control

UAC was added in Windows Vista and made more palatable (meaning less
annoying) in Windows 7.

There are two principals at play:

“Because you know the password, you’re empowered to make mistakes either way.”
  • Even when logged in with an account that has administrative privileges,
    you do not actually run “as” the administrator by default.

  • When something needs to happen that requires administrative privileges,
    you are prompted for permission. If you’re logged in as an account with
    administrative privileges, it’s a simple OK/Cancel choice. If you’re not
    logged in with an administrative-enabled account, you must also provide the
    administrator password in order to be able to choose OK.

This is extremely similar to security measures on other operating systems,
including both MacOS and Linux.

The reasoning is simple: by not truly running as administrator, malware
that you encounter will have a more difficult time infecting your machine. In
general, they have to fool you into saying OK to the UAC prompt before they can infect the deeper levels of your system.

In addition, it can also be helpful in preventing accidental or non-malicious changes from happening to your system.

Article continued here

This post is excerpted with Leo’s permission from his blog.

FaceBook URL: Leo’s Facebook

Twitter URL:

 846 total views,  1 views today

(Visited 1 times, 1 visits today)

Leave a Comment

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.