On MovieTome: Whedon makes an offer on Terminator
BNET Business Network:
BNET
TechRepublic
ZDNet

January 30th, 2009

Microsoft neuters UAC in Windows 7

Posted by Adrian Kingsley-Hughes @ 3:45 am

Categories: Windows 7

Tags: Microsoft Windows 7, Microsoft Corp., UAC, Microsoft Windows, Operating Systems, Software, Adrian Kingsley-Hughes

In an attempt to make Windows 7 generate fewer UAC (User Account Control) prompts Microsoft has neutered the mechanism to the point where it’s next to useless.

Here’s Long Zheng’s take on the issue:

The Achilles’ heel of this system is that changing UAC is also considered a “change to Windows settings”, coupled with the new default UAC security level, would not prompt you if changed. Even to disable UAC entirely.

Now you might not think that this is all that important since this setting cannot be changed unless the user chooses to do so. Wrong.

With the help of my developer side-kick Rafael Rivera, we came up with a fully functional proof-of-concept in VBScript (would be just as easy in C++ EXE) to do that - emulate a few keyboard inputs - without prompting UAC. You can download and try it out for yourself here, but bear in mind it actually does disable UAC.

Fortunately, there’s a simple workaround:

Until when Microsoft decides to fix this, if they do at all, beta users of Windows 7 can also apply a simple fix. Changing the UAC policy to “Always Notify” will force Windows 7 to notify you even if UAC settings change. Annoying, but safe.

What’s also annoying is that this issue has already been reported to Microsoft which claims that the way it works is “by design.” If that’s “by design” then it’s also bad design. I think that Microsoft’s gone too far to please the anti-UAC crowd with this change.

Adrian Kingsley-HughesAdrian is a technology journalist and author who has devoted over a decade to helping users get the most from technology. He also runs a popular blog called The PC Doctor. See his full profile and disclosure of his industry affiliations

Want to get in touch? Got a tip? Feel free to drop me a note! I ALWAYS respect anonymity. I'm also on Twitter (@the_pc_doc)

Right to Reply: Should any industry representatives wish to comment on any posts on Hardware 2.0, I will be happy to publish their reply verbatim on this blog.

Subscribe to Hardware 2.0 via Email alerts or RSS.

  • Talkback
  • Most Recent of 111 Talkback(s)
CentOS, Ubuntu.....
SELinux always seems to report it blocks things during an update.

I didn't report it because I have better things to do.

... (Read the rest)
Posted by: JoeMama_z Posted on: 02/04/09 You are currently: a Guest | | Terms of Use
They'll trot out Mark Russinovich  croberts | 01/30/09
...and still his comment is correct.  Joschibaer | 01/30/09
Yes his comment was correct  croberts | 01/30/09
It's not much different than other security measures.....  JoeMama_z | 01/30/09
learn to activate the superuser account in vista...  pcguy777 | 02/02/09
Like all geeks...  no_axe_to__grind | 02/02/09
superuser account  tmsbrdrs | 02/02/09
Let me get...  thx-1138_@... | 02/02/09
what are you talking about?  tmsbrdrs | 02/02/09
CentOS, Ubuntu.....  JoeMama_z | 02/04/09
Re: What people thought  notsofast | 02/02/09
Just wondering  tmsbrdrs | 02/02/09
Surely it's not correct...  Thack | 01/30/09
read this....  JoeMama_z | 01/30/09
Wrong terminology, but valid complaint  Thack | 01/31/09
You'll hear no complaints from me...  JoeMama_z | 01/31/09
boundaries  tmsbrdrs | 02/02/09
Did you ever see one of his webinars ?? at all??  XMLFRE@... | 01/30/09
Seen him in person  rtk | 01/30/09
RE: Microsoft neuters UAC in Windows 7  aayub@... | 01/30/09
Can a internet security software stop....  ginoyann | 01/30/09
They will....  JoeMama_z | 01/30/09
didn't answer the question  tmsbrdrs | 02/02/09
I don't see a UAC prompt most days  tech_walker | 02/02/09
UAC  tmsbrdrs | 02/02/09
RE: Microsoft neuters UAC in Windows 7  mac_worm@... | 01/30/09
I agree...  Sleeper Service | 01/30/09
Unfortunately  tmsbrdrs | 02/02/09
I never understood why people were so annoyed with this.  storm14k | 01/30/09
when an installer kicks off multiple scripts  Clewin | 01/30/09
this only happens with poorly written installers  qmlscycrajg | 01/30/09
Message has been deleted.  drprod@... | 01/30/09
Yes Adobe does has...  logicearth@... | 01/31/09
Please, tell us which installer this was  rtk | 01/30/09
If these bozos coded a Mac of Linux version  tmsbrdrs | 02/02/09
I suspect the biggest annoyance...  3D0G | 01/30/09
Message has been deleted.  drprod@... | 01/30/09
First impressions  tmsbrdrs | 02/02/09
It should be more explicit  Kaiwai | 01/31/09
Perhaps you didn't read his comment  tmsbrdrs | 02/02/09
You mean  tmsbrdrs | 02/02/09
I like UAC as it is in Vista...  pico_D | 01/30/09
RE: Microsoft neuters UAC in Windows 7  NStalnecker | 01/30/09
I can tell you're not a Linux user  tmsbrdrs | 02/02/09
RE: Microsoft neuters UAC in Windows 7  rward@... | 01/30/09
So let me get this straight  wolf_z | 01/30/09
It could be an "option"  WiredGuy | 01/30/09
problems with UAC  tmsbrdrs | 02/02/09
Timer would be a good option for some  WiredGuy | 01/30/09
I think what you mean...  logicearth@... | 01/30/09
Actually  tmsbrdrs | 02/02/09
And your point is ... ?  Yagotta B. Kidding | 01/30/09
The default configuration of UAC needs to match that of Vista.  ye | 01/30/09
Win7 is just an useless OS  qmlscycrajg | 01/30/09
I agree. Except when...  ye | 01/30/09
or  tmsbrdrs | 02/02/09
No actually  nilotpal_c | 01/30/09
Please explain how it differes from UNIX OSes.  ye | 01/30/09
re: how it differs from Unix  GerryVe | 01/30/09
See my response...  ye | 01/30/09
The SBS MVP of the Year agrees with you  Joe_Raby | 01/30/09
RE: Microsoft neuters UAC in Windows 7  XMLFRE@... | 01/30/09
For a non MS employee  tmsbrdrs | 02/02/09
Which is less secure?  voyager529 | 01/30/09
Just make it like Fedora's  Boot_Agnostic | 01/30/09
I agree (I think)  slimmac1 | 01/30/09
Give that man a hug.  Custard_over_2x_Pie | 01/30/09
RE: Microsoft neuters UAC in Windows 7  JohnColaSC | 01/30/09
RE: Microsoft neuters UAC in Windows 7  Loverock Davidson | 01/30/09
This is the evidence that Vista UAC is very good  qmlscycrajg | 01/30/09
A disaster, in my view  Thack | 01/30/09
Physician heal thyself  Ole Man | 01/30/09
RE: Microsoft neuters UAC in Windows 7  pb2004 | 01/30/09
No, that won't do for an excuse  Thack | 01/30/09
re:  pb2004 | 01/30/09
Bzzzzzzzzzt!  thx-1138_@... | 02/02/09
RE: Microsoft neuters UAC in Windows 7  ginoyann | 01/30/09
So, it's as safe as XP then? wink  Custard_over_2x_Pie | 01/30/09
RE: Microsoft neuters UAC in Windows 7  bigsibling | 01/30/09
UAC Follies  Chad_z | 01/30/09
True, but most people don't shell out at all  croberts | 01/30/09
UAC sucks.....  JoeMama_z | 01/30/09
you're too ignorant  qmlscycrajg | 01/30/09
Quit looking in the mirror  peter.j.boyles@... | 01/30/09
No I'm not....  JoeMama_z | 01/30/09
Microsoft Lays Off Thousands As Ballmer Pockets Millions.  chessmen | 01/30/09
You must be pretty arrogant then.  Sleeper Service | 01/30/09
MS has always had the reputation.  joe.smetona@... | 02/03/09
RE: Microsoft neuters UAC in Windows 7  GerryVe | 01/30/09
That's exactly the way it is on Windows.  ye | 01/30/09
it's the default behavior that's the problem  GerryVe | 02/01/09
then there is the default reponse (too often)  TtfnJohn | 02/02/09
harried office workers  rtk | 02/02/09
And it's equally obvious that you haven't a clue either  TtfnJohn | 02/02/09
RE: Microsoft neuters UAC in Windows 7  techrepublic@... | 01/30/09
UAC Annoyances  roboakes | 01/30/09
more uac ****  lab3cats@... | 01/30/09
According to Microsoft, this is by design  shellcodes_coder | 01/31/09
Totally unsatisfactory response from Microsoft  Thack | 01/31/09
I've been saying for months: 7's reduced UAC is a security hole  PB_z | 01/31/09
The protection is not gone. It's still present if you change...  ye | 01/31/09
UAC was a good idea in Vista; Aero (Glass) wasn't  maskman01 | 01/31/09
Microsoft should just kill UAC  Randalllind | 01/31/09
Huh??  Thack | 02/01/09
huh?  pico_D | 02/02/09
For once I agree with you.  Spiritusindomit@... | 02/02/09
Adrian... I found a better workaround for no uac in vista.. its...  pcguy777 | 02/02/09
UAC interferes with my programs  reapur | 02/02/09
If you know what you're doing  longbongsilver | 02/02/09
if you believe you don't need UAC  rtk | 02/02/09
What a relief  aayub@... | 02/04/09

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Click Here
advertisement

Recent Entries

advertisement

Archives

ZDNet Blogs

White Papers, Webcasts, and Downloads

SmartPlanet

  • Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
  • More from IBM
  • Innovate your business' process model, play against the market, compete against others on our scoreboards and WIN! Try INNOV8 2.0: A BPM Simulator
  • Enabling Real-World Business Transformation through IBM Service Management Read the EMA Analyst Report
Click Here