Larry Osterman said:
Ray7 said:
*snip*

***DING*** ***DING***  Give the man a ceegar.

UAC has never been a security feature.  Microsoft has NEVER claimed that UAC was a security feature.  It's a convenience feature that acts as a forcing function to convince software developers to get their act together. 

And if you don't like the default settings, you can make a trivial change to increase your prompting level back to where it was in Vista and all these "exploits" go away.

The ONLY secure scenario is to run as a standard user (with no admin privileges) and use fast user switching to switch to an admin account when you need to make configuration changes to the machine.  But most users won't put up with that level of security.  Heck, look at how much people complained about the UAC prompts.  Imagine how annoyed they'd be if MSFT forced them to log into another account to change their system configuration.

 

 

Ah now come on that's not true. MS has touted UAC as a security feature.

UAC blog "User Account Control (UAC) is a core security feature in the next release of Windows Vista and Windows Server code name Longhorn."

MSDN "In this webcast, we explore Windows User Account Control (UAC), a new security feature in the Windows Vista operating system."

MSDN "User Account Control (UAC), introduced in Windows Vista, is a security feature"

But of course strictly speaking it's not, but that's a technical definition. That's like saying that SQL server isn't a relation database because it doesn't meet all of the strict relational criteria that Codd set out (it's not, not all views are updatable)

Until Windows installs force the creation of an admin and a least privilege user it's the best there is.