Windows 7 Security Tool: UAC Analysis

Source: Internet
Author: User

UAC (User Account Control) is a new technology that Microsoft introduced in Windows Vista and Windows 7. Its main function is this: when an operation that affects system security is performed, UAC is triggered automatically, and the operation can proceed only after the user confirms it. Most malware, Trojans, viruses, and adware plug-ins work by copying files into directories such as Windows or Program Files, installing drivers, or installing ActiveX controls. All of these operations trigger UAC, so you can stop such programs from running when the UAC prompt appears.

Operations that can trigger UAC include:

Modify the Windows Update Configuration;

Add or delete user accounts;

Change the Account type;

Change UAC settings;

Install ActiveX;

Install or uninstall programs;

Install the device driver;

Modify and set parental control;

Add or modify the registry;

Move or copy the file to the Program Files or Windows directory;

Access other User Directories

UAC is annoying

Yes. Microsoft added UAC in Windows Vista, and it became one of the main complaints about Vista, because Vista does not have a UAC level setting like the one in Windows 7 (in fact, UAC in Windows 7 is also very annoying). Computers of that time were also generally low-spec, so the prompt popped up at the slightest action, and people came to detest this thing that locks the screen.

UAC in Windows 7

Because UAC was so annoying, Microsoft added a UAC level setting in Windows 7, which offers four levels:

Maximum level:

The highest level is "Always notify" (that is, UAC fully enabled). At this level, whenever you install an application, upgrade software, or change operating system and Windows settings, whether through an application or directly, a prompt window appears (with Secure Desktop enabled) and asks the user to confirm, under all circumstances. This level is the most secure, but also the most "troublesome". It suits a computer shared by several people, where standard users must be prevented from arbitrarily changing system settings.

Default level:

At the default level, the user is prompted only when an application tries to change computer settings; the user is not prompted when actively changing Windows settings in person. Secure Desktop is enabled in this mode, to prevent system settings from being changed by bypassing UAC. The default level therefore does not interfere with the user's normal work, yet it effectively prevents malicious programs from modifying system settings without the user's knowledge. Most users can use this level.

Lower than the default level:

The only difference from the default level is that Secure Desktop is not enabled, which means it is possible for system settings to be changed by bypassing UAC. If the prompt appears because the user deliberately started a program that modifies the system, the program can be allowed to run without any security problem. But if a prompt window pops up when the user has not run any program, a malicious program may be trying to modify system settings, and you should choose to block it. This level suits users with some system experience.

Lowest level:

The lowest level disables UAC entirely (a restart is required before it takes effect). At this level, if you log on as an administrator, every operation runs directly without notice, including modifications to the system made by viruses or Trojans. Viruses or Trojans can then connect to other computers on the network, or even communicate with computers on the Internet and transmit data. With UAC completely disabled and an administrator logged on, system security is seriously reduced. In addition, if you log on as a standard user, installing or upgrading software and changing system settings are rejected without any prompt; the only way to proceed is to obtain administrator privileges. So with UAC completely disabled and a standard user logged on, everyday operations and settings also become very inconvenient. We therefore recommend that you do not select this level.
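The four levels above are stored as three values under the UAC policy registry key, so a machine's level can be audited without opening Control Panel. The following PowerShell is an added example, not part of the original article; the value names and numbers are the standard Windows UAC policy values rather than anything stated on this page, and `Get-UacLevel` is a hypothetical helper name.

```powershell
# Added example: report which of the four UAC levels a Windows 7 host is using.
# Read-only; written to run on PowerShell 2.0, which ships with Windows 7.
$PolicyKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

function Get-UacLevel {   # hypothetical helper name
    param(
        [Parameter(Mandatory=$true)] [int] $EnableLUA,
        [Parameter(Mandatory=$true)] [int] $ConsentPromptBehaviorAdmin,
        [Parameter(Mandatory=$true)] [int] $PromptOnSecureDesktop
    )
    # EnableLUA = 0 switches UAC off completely (a change here needs a restart).
    if ($EnableLUA -eq 0) {
        return 'Lowest level: UAC disabled'
    }
    # Otherwise the level is the pair (admin prompt behaviour / Secure Desktop).
    switch ("$ConsentPromptBehaviorAdmin/$PromptOnSecureDesktop") {
        '2/1'   { 'Maximum level: always notify, Secure Desktop on' }
        '5/1'   { 'Default level: prompt for application changes, Secure Desktop on' }
        '5/0'   { 'Lower than default: prompt for application changes, Secure Desktop off' }
        '0/0'   { 'UAC on, but administrators are elevated without any prompt' }
        default { "Custom policy: ConsentPromptBehaviorAdmin=$ConsentPromptBehaviorAdmin, " +
                  "PromptOnSecureDesktop=$PromptOnSecureDesktop" }
    }
}

$policy  = Get-ItemProperty -Path $PolicyKey
$names   = 'EnableLUA', 'ConsentPromptBehaviorAdmin', 'PromptOnSecureDesktop'
$missing = @($names | Where-Object { $null -eq $policy.$_ })

if ($missing.Count -gt 0) {
    # Do not guess: an absent value would otherwise be read as 0.
    Write-Warning ("UAC policy values not present: " + ($missing -join ', '))
} else {
    Get-UacLevel -EnableLUA $policy.EnableLUA `
                 -ConsentPromptBehaviorAdmin $policy.ConsentPromptBehaviorAdmin `
                 -PromptOnSecureDesktop $policy.PromptOnSecureDesktop
}
```

Run across a fleet, any host that reports the lowest level, or Secure Desktop off, is worth following up against the recommendations above.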

However, UAC is very useful.

Although UAC often gets in the way when installing software, its role should not be underestimated. I have to admit that Microsoft is very advanced in its operating system concepts, so it often comes up with something great but awkward, just like Vista in the past. Today, as people begin to accept Windows 7 and look back at Vista, they are more and more aware that Vista was actually a very good operating system that simply came at a bad time.

Improved security mechanism

Today Trojan and virus variants are more and more numerous and appear ever faster, so anti-virus software alone has a limited effect on system security, and we need more comprehensive system protection software. For example, many anti-virus products have added firewalls, anti-spyware, protection of sensitive data, and file shredders.

Microsoft has improved its security mechanism in Windows 7 and provides security components such as Windows Update, a built-in firewall, Windows Defender, UAC, MSE, and BitLocker. Of these:

Windows Update can update system patches to fix system vulnerabilities in a timely manner;

The firewall can prevent some network attacks and information leakage;

Windows Defender can clear some defined malware;

UAC can help users prevent undefined malware and trojans from running;

MSE is a free anti-virus software officially provided by Microsoft. It can clear viruses;

BitLocker is a professional encryption system provided by Microsoft for enterprise users and the Windows Ultimate edition. It can encrypt sensitive data to prevent data leakage.

These security components can be combined to create a better system security environment. In fact, built-in Windows 7 features such as System Restore and backup, Group Policy, and PowerShell can also play a very good role in system security when used properly.

Misunderstanding of Optimization

Since Windows XP, system optimization has been a hot topic, and many articles about it can be found on the Internet. However, system optimization varies from person to person, and blind optimization can only be counterproductive. Many optimization articles teach you how to disable various features that come with Windows, such as UAC, but seldom explain what those features are for. Disabling them may speed the system up, but readers do not realize that it also creates many potential risks and costs them the chance to experience new Windows features. The result is often not worth it.

The Barrel Principle of Information Security

The amount of water a barrel can hold is determined not by its long staves but by its shortest one. This is the famous "Barrel Principle". It also applies to information security: failure at any one stage means total failure. If Edison Chen had deleted his "data" with a file shredder, or encrypted it with BitLocker, we would never have had the chance to see it all.

Security, the most important thing is yourself.

This borrows the title of one of my previous articles. There is no love or hate without a reason in this world. I use this sentence to explain why, with the same anti-virus software installed, many people are often infected by viruses while some rarely are. It is because the people who rarely get viruses have good security awareness and operating habits. It is also important that they use a variety of tools other than anti-virus software to keep the system secure.

The key is to learn more and practice more. Turn on your UAC and get to know this feature properly.
