UAC purpose
Restrict a malware or spyware
from running in administrator mode.
ELEVATION
The process of getting
approval prior to running an application (such as installing
software) in administrator mode and prior to
running a system-wide utility (such as Computer Management) is called as elevation.
SECURE DESKTOP
Prior to elevation and display of
the User Account Control prompt, by default, Windows 2008 switches to a secure
and isolated desktop environment. Other programs and processes continue to run
on the interactive user desktop. Only the UAC prompt runs on the secure
desktop. A malicious program or user couldn’t gain access to the process being
elevated.
For Administrator
Prompt
Consent
Prompt for credential
Elevate without prompt
Administrator runs all applications and tools silently with
full administrator privileges.
For standard user
·
Prompt for credential
·
Automatically deny elevation request
You cannot run the
administrator application by RUN AS Administrator.
UAC – User Access Control--on
A standard User can run most applications. When a standard user wants to make system-wide changes, UAC notifies you for administrator privilege.
The above prompt is governed by User Account
Control: Behavior of the elevation prompt for standard users, which is under
Computer Configuration\Policies\Windows Settings\Local Policies\Security
Options\
UAC
notifies you when you run a program which requires administrator-level
permission.
UAC –User Account Control --OFF
Standard User – XP Compatible Style
Turn off UAC by Group Policy
User Account Control: Behavior of the elevation prompt for
standard users—automatically deny elevation request
User Account Control: Detect application installations and
prompt for elevation –Disabled
User account Control: Run all administrators in Admin
Approval Mode –Disabled