ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Main Area and Open Discussion > General Software Discussion

How necessary is the UAC in Windows 7?

(1/15) > >>

I've come late to the Windows 7 party, and so it's only now that I'm starting to gnash my teeth over the UAC (before Win7, I happily used WinXP Pro, which didn't have UAC).  At first, I thought UAC was a minor annoyance that was probably worth putting up with for the added protection it provided.  Today, I turned it off, and my temptation is to leave it off.

It was annoying enough when I wanted to check Malwarebytes for updates, and each time UAC would pop up and ask "Are you sure you want to run this program?"  Having assured it that I was, I then checked for updates, after which I wanted to run a Malwarebytes quick scan.  Up popped UAC again, to ask whether I was sure I wanted to run this program.  Yes, I again assured the Alzheimers-ridden UAC, I am sure.  OK, I've learned to tolerate forgetfulness--that's an ailment I increasingly share with many of my friends, so why not the UAC?

What finally made me turn UAC off was my inability to use ActiveWords to insert blocks of text into html files in Dreamweaver.  I would type the ActiveWords shortcut I had set, hit the key to enable it....and nothing happened.  The same version of ActiveWords and Dreamweaver had worked fine in WinXP Pro, and each of them works fine in Windows 7.  But not together.  I decided to see what would happen if I turned UAC off.  Sure enough, I can now insert my ActiveWords into Dreamweaver.  I'd be happy to toggle UAC on and off, but apparently changing UAC's state requires rebooting the computer each time.  Thanks but no thanks.

So how much danger am I courting by leaving UAC off?  I managed to run WinXP Pro for many years without getting infected.  Then again, I used both a PITA firewall (Outpost Pro) and a PITA antivirus program (McAfee Enterprise Edition), whereas  I'm trusting my Windows 7 64-bit computer to the Windows firewall and Microsoft Security Essentials, plus Malwarebytes Pro.  So can I/should I live with UAC turned off?  I'd welcome some informed opinions.

You could run the apps as Administrator (right-click menu) to alleviate the problems and only get prompted once. UAC isn't a huge help if you don't go around the depths of the internet downloading everything ending in .exe, but it can sometimes catch something trying to run in the background that wants to change something and you didn't want/it *is* malicious.

FWIW: I have UAC off. My dad's machines have it on.

I have yet to see UAC actually stop anything bad. In theory it's useful and increases security. In practice I've still seen plenty of infected Win7 machines, and even had some brushes with infection myself (as an IT professional I feel more comfortable taking risks sometimes, and sometimes I need to clean up messes I make :D).

I think one reason UAC doesn't often help is that most attack vectors these days are through existing installed software that you trust, e.g. PDF reader, Java, your web browser. Most malware is smart enough not to expose itself by running a random EXE or trying to inject into a process that Windows would flag. Or at least that's been my experience.

That being said I've left UAC on for most of my machines for the time being. But now that you mention it I'm thinking of turning it off. Basically I left it on after a mass migration of all my systems to Win7 6 months or so ago, with the intention to evaluate UAC for usefulness and act accordingly. So I can say my eval period is over and I don't see UAC as actually being that effective in practice. ;)

- Oshyan

Thanks, wreckedcarzz, for your response.  However, I'm pretty sure that the account I normally use is an Administrator account, and I still couldn't get ActiveWords to work with Dreamweaver until I turned UAC off.  Are you saying that the Windows firewall and  Microsoft Security Essentials won't stop some baddie trying to run in the background that wants to change a crucial setting?  I also have Malwarebytes Anti-malware Pro and WinPatrol PLUS on the computer, but I think of the main line of defense as the firewall and MSE.  

I don't go around clicking wildly on unknown .exe files, but I *am* something of a software nut, and so I do download a lot of programs.  I never open them before scanning them, however.  

I'm using the default created user account, which I would assume is administrator-level. I'm not totally sure how that works out, but over multiple machines, it works the same for me. Win Firewall and MSE are good (I'd keep Malwarebytes handy though, MSE doesn't catch a lot of off-the-wall stuff). Neither one will stop changes to crucial system settings, though.

If you want to drop UAC, I'd get a VM or sandbox tool (I use Sandboxie). Run unknown software in sandbox, if it's bad, kill the sandbox, delete contents, done.


[0] Message Index

[#] Next page

Go to full version