myITforum.com

Welcome to myITforum.com Sign in | Join | Help

Site Home

Home

Bloggers List

Blogs

Photos

Downloads

Harry Waldron - My IT Forums Blog

Sharing Security Developments, and Best Practices for corporate and home users

Windows Vista UAC Controls - Tame it without turning it off

Windows Vista UAC Controls - Tame it without turning it off

Idea Vista User Access Controls (UAC) may be doing too good of job at times as it's designed to provide safety warnings. This warning system is designed to prompt for an administrative password anytime icons or scripts containing the shield icon are invoked. This article from Information Week is excellent and shares some techniques to tailor UAC so that it still properly warns but less often on the common day-to-day tasks.

Information Week: How To Tame Microsoft Windows Vista's UAC
http://www.informationweek.com/news/windows/operatingsystems/showArticle.jhtml?articleID=207801611

QUOTE: Are all those Windows Vista User Account Control warnings driving you nuts? Here are seven ways to make Vista's UAC less intrusive, while keeping legitimate security threats at bay. It's tempting to just turn off UAC and be done with it, but I'm not convinced this is a worthwhile solution. There are times when you'll want the protection that UAC affords, and there are ways you can make UAC a lot friendlier and less intrusive. Work with it rather than against it, and you may be pleasantly surprised at how manageable it really is.

BRIEF SUMMARY OF SEVEN UAC RECOMMENDATIONS

1. Slow An Overzealous UAC (tailor the circumstances UAC dialogs should and should not show up)

2. Use Process Explorer (use of this optional tool from Systems Internal)
http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx

3. Schedule A Task To Run As Admin (set up common pre-existing applications to bypass UAC)
http://www.informationweek.com/news/windows/operatingsystems/showArticle.jhtml?articleID=207801611&pgno=3

4. Use UAC's "Quiet Mode (require advanced registry to set up common pre-existing applications for bypass) UAC)

5. Turn Off The Secure Desktop (The visual screen darkening and normalization after accepting may consume a few seconds. Turing this off on older equipment may make UAC more acceptable)

6. Tighten Up UAC's Control (It may also be desirable for Admins to supply passwords for UAC prompts)

7. Enforce Running Signed Code (Another strengthening measure is to ensure only signed code is run which can safeguard against malware; but as a caution there are many legitimate programs that execute unsigned code)