Vista - Disabling UAC doesn't actually decrease security?

With UAC enabled in Vista build 5536, I get confirmation prompts in admin
accounts, and I get password dialog boxes in standard user accounts. And of
course standard users can't read each other's home directories.
Then I ran secpol.msc and under Local Policies\Security Options I disabled
User Account Control: Run all administrators in Admin Approval Mode, and
then rebooted. Now, as expected, admin accounts silently grant privilege
elevation and no longer give confirmation prompts, but in standard user
accounts, instead of getting a password dialog or a silent granting of
privilege elevation, I get automatic denial. And standard users still can't
read each other's home directories.
So, if non-admin users are using standard user accounts, and the admin
accounts are used only to run trusted software, then what security is
actually lost by disabling UAC? Standard user accounts haven't gained any
new privileges by having UAC disabled.

That's because you haven't actually disabled UAC itself

--
Jane, not plain 64 bit enabled
Batteries not included. Braincell on vacation :-)
"Roof Fiddler" <fiddler@roof.com> wrote in message
news:uidcfoe2GHA.2196@TK2MSFTNGP06.phx.gbl...
> With UAC enabled in Vista build 5536, I get confirmation prompts in admin
> accounts, and I get password dialog boxes in standard user accounts. And
> of course standard users can't read each other's home directories.
> Then I ran secpol.msc and under Local Policies\Security Options I disabled
> User Account Control: Run all administrators in Admin Approval Mode, and
> then rebooted. Now, as expected, admin accounts silently grant privilege
> elevation and no longer give confirmation prompts, but in standard user
> accounts, instead of getting a password dialog or a silent granting of
> privilege elevation, I get automatic denial. And standard users still
> can't read each other's home directories.
> So, if non-admin users are using standard user accounts, and the admin
> accounts are used only to run trusted software, then what security is
> actually lost by disabling UAC? Standard user accounts haven't gained any
> new privileges by having UAC disabled.
>

"Jane C" <jellybean@nospam.xjgarage.org> wrote in message
news:E43F67F3-CE02-41A6-A020-006C414B60E5@microsoft.com...
> That's because you haven't actually disabled UAC itself
Ah, right. Oops.

Hello,

This actually does disable UAC.

The security loss comes into play because all programs now silently run with
the full privileges of the user. When logged in as an administrator, all
programs run with full admin privileges, even the ones that don't need it.
This is bad news in today's world, regardless of operating system.

UAC does three things for you, and you see the most benefit when running
under the admin account, but this also benefits normal users by allowing
them to elevate:

1) Programs run only with the least privileges necessary. Notepad shouldn't
be able to take control of your domain and format all the hard drives on
your network. Why give it so much power?

2) Programs that NEED admin access MUST be approved to run by YOU at the
time that they start, every time. So, if somehow some nasty software burrows
onto your system and gets itself to start somehow, you can stop it from
starting. There is no way to bypass this behavior with UAC enabled - if you
allow something to run elevated, you can no longer blame Windows for the
intrusion.

3) UAC provides the infrastructure for more advanced security controls such
as Internet Explorer protected mode. I would expect that future versions of
windows will add more security controls based on the core UAC model.


--
- JB

Windows Vista Support Faq
http://www.jimmah.com/vista/

"Jimmy Brush" <JimmyBrush@discussions.microsoft.com> wrote in message
news:73F9C6C6-362C-496E-8E0A-94879BE9B1BA@microsoft.com...
> Hello,
>
> This actually does disable UAC.
>
> The security loss comes into play because all programs now silently run
> with the full privileges of the user. When logged in as an administrator,
> all programs run with full admin privileges, even the ones that don't need
> it. This is bad news in today's world, regardless of operating system.
>
> UAC does three things for you, and you see the most benefit when running
> under the admin account, but this also benefits normal users by allowing
> them to elevate:
>
> 1) Programs run only with the least privileges necessary. Notepad
> shouldn't be able to take control of your domain and format all the hard
> drives on your network. Why give it so much power?
>
> 2) Programs that NEED admin access MUST be approved to run by YOU at the
> time that they start, every time. So, if somehow some nasty software
> burrows onto your system and gets itself to start somehow, you can stop it
> from starting. There is no way to bypass this behavior with UAC enabled -
> if you allow something to run elevated, you can no longer blame Windows
> for the intrusion.
>
> 3) UAC provides the infrastructure for more advanced security controls
> such as Internet Explorer protected mode. I would expect that future
> versions of windows will add more security controls based on the core UAC
> model.
>
>
> --
> - JB
>
> Windows Vista Support Faq
> http://www.jimmah.com/vista/


Sounds similar to how XP was set up . . . but at least new users in Vista
are defaulted to Standard (only the first user set up is defaulted to
Admin).

Mic