User Access Control (UAC) was intended to prevent viruses and malware from installing software without your knowledge. When active, UAC prompts you when installing software or changing system information. It first appeared in Vista, and has been slightly modified in newer versions such as Windows 7.
While promoted as an important security feature, we feel it's implementation is so poor, that it provides very little additional security while being quite annoying. You get prompted many times each day so your desired action can proceed. After this occurs a few hundred times, users are conditioned to just say "Continue" to get their work done. Should a real threat occur, most the users will not even read the vague UAC message and will automatically select "Continue", completely defeating the purpose of UAC.
Internet Explorer 8 includes an optional protected mode to isolate each browser window into a protected environment that, in theory, would reduce attack vectors through a bad site. We have to wonder why IE even allows attack vectors through in the first place, but that's another story! We think this is a nice feature, but operation is not automatic and unfortunately, Microsoft tied this into UAC. Protected mode is disabled if you turn off UAC. Of course if you use another browser other than IE8, this is not important.
In all, even if you use IE8, we recommend disabling UAC as it's well recognized as the single most annoying "feature" of Windows Vista and Windows 7. We hope in a future version of Windows Microsoft will have a solution that identifies real threats and avoids the 99.99% false positives. |
