Windows Vista UAC Triggers

The User Account Control in Windows Vista is a feature that has generated a consistent amount of static. There are two main aspects that generated UAC criticism, the frequency of user prompts and its vulnerability to social engineering. As social engineering is concerned, Microsoft's initial take on User Account Control involved restrictive features to the point where it was not a viable trade-off between security and usability. The final form of the UAC has been relaxed in order to balance security features with convenience.

As frequency is concerned, I must tell you that the UAC is less chatty than you are inclined to believe. With the exception of the initial stages of setting up Windows Vista, UAC prompts are rare appearances. An average user should have no problem in managing the few and disparate UAC prompts once the operating system has been deployed and all the preferred software installed. Advanced users will find that this does not apply to them, but of course that there is always the possibility of turning UAC off.

Via the default UAC admin approval mode, all members of the local administrators group run with standard privileges. However, when users or applications attempt to introduce changes to the system settings and files in System Root or Program File, Vista's UAC will ask for administrator confirmation.

Common tasks such as installing or uninstalling applications will prompt the user for elevated privileges. Deploying Windows Updates, ActiveX controls and device drivers will lead to the same result. The same thing also goes for simply configuring Windows Update.

When users will attempt to modify Windows Firewall settings, managing the accounts in Windows Vista, or accessing content of the other users, they will also be prompted by the UAC asking to run the processes with elevated privileges. You will additionally need to configure Parental Controls or to run Task Scheduler with administrator privileges. Restoring backed-up system files will also trigger a UAC prompt. And last, I mentioned above that you can configure UAC or even switch it off, but in order to do so you will also need administrator privileges.