ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel

Why Microsoft Created User Account Control for Microsoft Windows Vista, Windows 7 and Server 2008R2

Updated on May 28, 2012

Starting with the rollout of Microsoft Windows Vista, User Account Control has been the source of many complaints aimed at Microsoft’s newest Operating Systems. With Windows 7 and Server 2008R2 Microsoft has enhanced UAC considerably, making it more user friendly and configurable, but do you still want to keep it on? In this article I will discuss the reasoning behind UAC, how it works (without getting technical), and what you can do for your own Windows Systems. TIP – to quickly gain access to the UAC control panel simply type UAC in the search box.

Why the need for UAC?

Back in the ‘Ol days (Windows 95, 98, ME, etc), there was no concept of different privileged user accounts. Every user was granted an admin by default. In fact, most or all of the programs that ran with your Windows system also HAD to run with admin privileges, or they wouldn’t work. The problem with that was that every program running while you were logged on, (every Java app, every flash component, etc) also ran with admin rights and without barriers. Think of the modern internet, almost every page has live, streaming, animated content that is written with multiple languages and code; Languages and code that must be interpreted and downloaded by your web browser. It is within some of this very code that spyware and malware hides. TIP – Java, flash, and adobe updates are almost always security patches, and important to keep up to date. (Even more important than Windows updates if you look at the statistics). With Windows NT came seperate user accounts, but users would log in with restricted permissions, and the applications\processes that ran could still "elevate" themselves (or be elevated) and influence the system at other levels. This is why UAC came about, to help restrict applications and processes unless specifically consented for by an administrator.


In Windows Vista, Windows 7, and Server 2008R2 separate user accounts are used and privileges are handed out in the form of “tokens”. (Don’t make it hard, just visualize a subway token).

When a standard user logs in they are granted a “token” with restricted access. “Restricted” meaning they cannot make changes that will affect the entire Operating System. When an administrator logs in, the user is granted two separate tokens for that session, one restricted token and one unrestricted admin token. While the Admin is logged in applications are started under the restricted user token and only elevated after the user is alerted and gives consent (“Run as Administrator”).

Surf as a USER not an ADMIN

One of the best ways to help keep your PC clean is by simply logging on and running your daily tasks as a user and not as an admin, especially when you are surfing the internet. As HubPage writers our research can sometimes take us to the far ends of the internet. We are almost always on new pages, sites, forums, social networks, and blogs. My advice is to do this while logged in as a user. Need to install a program? That’s when you can log into your admin account. You can read more about the UAC settings here. NOTE -- not all malware needs admin privileges, some will go for the user profile, which is why you should clean your PC on a regular basis.

There are many opinions on the validity of UAC. The bottom line is that no system protection is flawless, but the combination of a good antivirus package, Windows Firewall, routine cleaning and UAC can be quite effective. My advice is to turn UAC up until it bothers you, then turn it down a notch. If you can stand to keep it all the way up then do it. The middle two options will suffice but don't turn it off completely. One of the smartest things you can do is to surf the internet as a user, not an admin. Clean your PC as often as you remember too and you'll be good to go. Some of my other blogs include:


    0 of 8192 characters used
    Post Comment

    No comments yet.


    This website uses cookies

    As a user in the EEA, your approval is needed on a few things. To provide a better website experience, uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.

    For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at:

    Show Details
    HubPages Device IDThis is used to identify particular browsers or devices when the access the service, and is used for security reasons.
    LoginThis is necessary to sign in to the HubPages Service.
    Google RecaptchaThis is used to prevent bots and spam. (Privacy Policy)
    AkismetThis is used to detect comment spam. (Privacy Policy)
    HubPages Google AnalyticsThis is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy)
    HubPages Traffic PixelThis is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.
    Amazon Web ServicesThis is a cloud services platform that we used to host our service. (Privacy Policy)
    CloudflareThis is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy)
    Google Hosted LibrariesJavascript software libraries such as jQuery are loaded at endpoints on the or domains, for performance and efficiency reasons. (Privacy Policy)
    Google Custom SearchThis is feature allows you to search the site. (Privacy Policy)
    Google MapsSome articles have Google Maps embedded in them. (Privacy Policy)
    Google ChartsThis is used to display charts and graphs on articles and the author center. (Privacy Policy)
    Google AdSense Host APIThis service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy)
    Google YouTubeSome articles have YouTube videos embedded in them. (Privacy Policy)
    VimeoSome articles have Vimeo videos embedded in them. (Privacy Policy)
    PaypalThis is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy)
    Facebook LoginYou can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy)
    MavenThis supports the Maven widget and search functionality. (Privacy Policy)
    Google AdSenseThis is an ad network. (Privacy Policy)
    Google DoubleClickGoogle provides ad serving technology and runs an ad network. (Privacy Policy)
    Index ExchangeThis is an ad network. (Privacy Policy)
    SovrnThis is an ad network. (Privacy Policy)
    Facebook AdsThis is an ad network. (Privacy Policy)
    Amazon Unified Ad MarketplaceThis is an ad network. (Privacy Policy)
    AppNexusThis is an ad network. (Privacy Policy)
    OpenxThis is an ad network. (Privacy Policy)
    Rubicon ProjectThis is an ad network. (Privacy Policy)
    TripleLiftThis is an ad network. (Privacy Policy)
    Say MediaWe partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy)
    Remarketing PixelsWe may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.
    Conversion Tracking PixelsWe may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.
    Author Google AnalyticsThis is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy)
    ComscoreComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy)
    Amazon Tracking PixelSome articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy)