Windows Vista User Account Protection (UAP)

What is Windows Vista User Account Protection (UAP)

Windows Vista’s new security model that reduces a system’s vulnerability to attack while still keeping your applications running that it’s supposed to be. The User Account Protection (UAP) provides an easy-to-use temporary-privilege elevation model. to prevent malware installations are reduced, also keeps our computers protected from Trojan horses and viruses. You don’t have to worry about it, so the bulk of the OS functions is made safely available to non-administrators and it’s further strengthened with a trust-based validation system through Mandatory Integrity Control, and Windows Resource Protection (the follow-on to Windows File Protection) guarantees a stable, read-only view of a running operating system.

Users and administrators who log on with highly privileged accounts for their typical day-to-day activities leave their systems vulnerable to Trojan horses and viruses. UAP or Limited User Accounts (LUA) as it’s also known, is a new security feature in Vista that protects the system by restricting the system to limited privileges even if you’re logged on to an account with Administrative credentials. When you attempt to run a feature that requires administrative credentials, the system prompts you for your password (or prompts you to log on using a different account) as the figure shows.

You can change this feature to just ask whether you want to run the program with administrative credentials and therefore not have to retype your password.

To do so perform these steps:

1. Click the Start Orb
2. Fire up your registry editor by typing ‘Regedit’ on the search field.
3. Navigate to the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system registry subkey.
4. Double-click the ConsentPromptBehavior DWORD value.
5. Set the value to 1 and click OK.
6. Log off and log back on for the change to take effect. The system now displays a different dialog box that simply asks for verification that you want to perform an action.

To disable UAP, click Start, “Turn UAP Settings On or Off,” and click Yes, as the figure shows. You’ll need to log out and log on for the change to take effect.