I’m glad to see some positive press on Windows Vista. Security is a tough business and when you’re on the desktops of millions of computers, everything is magnified to the Nth degree. A couple of recent articles and postings are getting a lot of attention. See “Vista’s Despised UAC Nails Rootkits, Tests Find” by John E. Dunn. This of course got picked up on the popular site Neowin.
Since a lot of you aren’t yet running Windows Vista, here’s a quick refresh on the tech. In Windows Vista, there are two types of user accounts: standard user accounts and administrator accounts. Standard users are equivalent to the standard user account in previous versions of Windows. Standard users have limited administrative privileges and user rights—they cannot install or uninstall applications that install into %systemroot%, change system settings, or perform other administrative tasks. However, standard users can perform these tasks if they are able to provide valid administrative credentials when prompted. With UAC enabled, members of the local Administrators group run with the same access token as standard users. Only when a member of the local Administrators group gives approval can a process use the administrator’s full access token. This process is the basis of the principle of Admin Approval Mode.
See the TechNet article, “Understanding and Configuring User Account Control in Windows Vista” for a detailed review of UAC. If you want to see it in action, see the following 4 minute screencast.