Windows 7 makes it easy to adjust the settings for User Account Control, the system protection feature introduced in Vista. You can access User Account Control Settings from Control Panel, whereupon you see a slider with four settings:
1. Always Notify
2. Notify me only when programs try to make changes to my computer – don’t notify me when I make changes to Windows settings
3. Same as (2) but without the dimmed desktop
4. Never notify
The default is (2). This means Windows 7 is not too annoying, but 3rd party applications still have to prompt in order to do things like writing to a location in Program Files.
Sounds good? Not really. Leo Davidson has an extensive write-up; but all you need to know is actually in the online help for option 2:
It is usually safe to allow changes to be made to Windows settings without you being notified. However, certain programs that come with Windows can have commands or data passed to them, and malicious software can take advantage of this by using these programs to install files or changes settings on your computer.
The problem lies in what Microsoft means by “make changes to Windows settings”. In reality, this is just a whitelist of applications which get elevated permissions automatically, and as online help hints, these are “certain programs that come with Windows.” Davidson observes that it is possible for malware to inject data into one of these processes and have it do whatever the malware wants without a prompt.
Microsoft’s point is that malware shouldn’t be running on your PC in the first place. Very true; but the simple slider control is less than honest about the implications of the default option.
The solution is to move the slider to the highest level. I am sure this should be the default: Microsoft: even at this stage it is not too late to change it. Let the user relax the security if they want; though this stuff about “Windows settings” should be replaced with something which better describes what the option means.
I am not all that worked up about this. UAC will still be achieving its main goal, which is to make 3rd party developers follow the rules more often – though it is still possible for developers to subvert this. And even when fully enabled, UAC is nothing like a complete security solution.
Still, bearing in mind that Microsoft is unlikely to change the default, I’d suggest that users move the slider to the highest setting. It is not painful at all, and at least gives you the same level of protection as Vista.