User Account Control to Limit Vista Exploits

Following the lead of competitive OSs such as Apple OS X and Linux, Windows Vista will allow users to run with the least privileges needed to perform a task such as running an application or installing new software. Using the least possible privilege to perform a task limits the damage that a mistake or malicious software can inflict on a computer, but because many Windows applications assume that users have administrative privileges, Microsoft says it must balance security and reliability with application compatibility.

The Problem of Privilege

Windows NT, Windows 2000, and Windows XP all allow different users to be assigned different privileges, such as rights to create a new account, install software, or open a file for backup. In addition, special privileged user accounts (system, local, and network service) are available for Windows’ Service Control Manager, which runs various OS services and processes for all users and applications under these accounts.

Ideally, a user should use an account with administrator-level privileges for only the limited amount of time it takes to do administrative tasks, such as the following: