14 DAY TRIAL // Windows Vista delivers an evolved balance between security features and convenience compared to Windows XP. In this context, Jim Allchin, Microsoft Co-President, Platform and Services Division, brought into focus the differences between the two operating systems from the perspective of the administrator privileges.
Windows XP was limited in this aspect. But the limitations delivered by XP were detrimental. In fact, XP users have preferred running as members of the local administrator group due to the lack of usability associated with the standard user accounts.
"When we set off to make sure that Windows Vista was the most secure version of Windows ever, we had to create security capabilities that we could enable by default and be usable enough to be left on when the system was deployed. It's a great irony when you realize that one of the risks of adding more security in the name of making people safer is that users might stay on older versions that, in some ways, appear easier to use but are much less secure than the new system," explained Allchin.
Allchin defines the User Account Control as the "standard user that works" or "non-administrative user that can actually do things." It is an elementary description, but it serves its point. Vista's UAC, restricting user privileges to those of a standard user, is essential in protecting the system from malicious content and from users that will perform administrative tasks that will have an impact throughout the operating system.
Sure, the UAC is a tad chatty at times. But it must be regarded as a necessary evil. Another downside is the fact that it places the user in the driver seat, and the user is generally regarded as the weakest link in the security chain. However, the UAC will considerably limit the system's exposure to malware.
"In Windows Vista you will find that once you get beyond the setup phase on most systems, you can work just fine as a standard user. The problem was what to do when the user needs to complete a task that does require the administrator privilege. To address this need, we created a new capability in Windows Vista so that when a standard user tries to do something that requires the administrator privilege, the system prompts the user to have an administrator authorize the task by entering their credentials (or confirm the task if you are an administrator)," continued Allchin.