deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-17 19:33:37 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

updates

Browse Source
This commit is contained in:
Paolo Matarazzo
2023-05-25 11:30:42 -04:00
parent 43647b4891
commit 37a2825c25
10 changed files with 85 additions and 74 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
windows/security/application-security/application-control/user-account-control/index.md
View File

@ -16,15 +16,15 @@ Unless you disable UAC, malicious software is prevented from disabling or interf
## Benefits of UAC
UAC allows all users to sign in their devices using a **standard user account**. Processes launched using a *standard user token* may perform tasks using access rights granted to a standard user. For instance, Windows Explorer automatically inherits standard user level permissions. Any applications that are started using Windows Explorer (for example, by opening a shortcut) also run with the standard set of user permissions. Most applications, including the ones included with the operating system, are designed to work properly this way.\
UAC allows all users to sign in their devices using a *standard user account*. Processes launched using a *standard user token* may perform tasks using access rights granted to a standard user. For instance, Windows Explorer automatically inherits standard user level permissions. Any applications that are started using Windows Explorer (for example, by opening a shortcut) also run with the standard set of user permissions. Most applications, including the ones included with the operating system, are designed to work properly this way.\
Other applications, especially those that weren't designed with security settings in mind, may require more permissions to run successfully. These applications are referred to as *legacy apps*.
When a user attempts to perform an action that requires administrative privileges, such as installing software, changing system settings, or modifying critical files, UAC triggers a **consent prompt**. The prompt notifies the user that a change is about to occur, asking for their permission to proceed:
When a user attempts to perform an action that requires administrative privileges, such as installing software, changing system settings, or modifying critical files, UAC triggers a *consent prompt*. The prompt notifies the user that a change is about to occur, asking for their permission to proceed:
- If the user approves the change, the action is performed with the highest available privilege
- If the user doesn't approve the change, the action isn't performed and the application that requested the change is prevented from running
:::image type="content" source="images/uacconsentprompt.png" alt-text="UAC prompt in Windows 11.":::
:::image type="content" source="images/uacconsentpromptadmin.png" alt-text="UAC prompt in Windows 11.":::
When an app requires to run with more than standard user rights, UAC allows users to run apps with their *administrator token* (that is, with administrative rights and permissions) instead of their default, standard user token. Users continue to operate in the standard user security context, while enabling certain apps to run with elevated privileges, if needed.