The User Account Control (UAC) team is responsible for some of the most important security features coming in Windows Vista and they have graciously agreed to answer many of your questions here with us.
WindowsConnected - Hi, Thanks for taking the time to answer some questions for us.
WindowsConnected - Who are you and what team do you work on?
Chris Corio – Chris Corio, Program Manager in Windows Security
WindowsConnected - Tell us a little bit about yourself.
Chris Corio – I’ve been at Microsoft for about 3.5 years and the whole time I’ve worked on Security technologies in Windows. I started as a developer in test and nearly 8 months ago I switched to the UAC project as a Program Manager.
WindowsConnected - Your team has changed names a couple of times will User Account Control (UAC) be the final name?
Chris Corio – I think we can safely say that User Account Control (UAC) is the final name of this group of technologies. It’s been a long road to get there but UAC is here to stay.
WindowsConnected - What features are covered by the User Account Control (UAC) team?
Chris Corio – There are several features that make up User Account Control. First off, there is the AppInfo Service and the consent\credential dialog. We’ve also added technologies to support legacy applications to maintain application compatibility in Windows Vista called Installer Detection and Data Redirection.
WindowsConnected - Will we be able to control UAC features separately and based on account or group?
Chris Corio – Most of the features in User Account Control are controlled by system-wide policies: This includes enabling and disabling UAC, Installer Detection, and Data Virtualization. The style of prompting can be changed to be different for users in the Administrators group rather than for Standard Users.
WindowsConnected - Why should I and other testers leave UAC on in Windows Vista?
Chris Corio – UAC represents a step towards an environment where users are running as Standard User by default. From a security perspective, this is a big win for desktop security. We’ve also put a lot of effort into ensuring that application compatibility is high so that the impact to testers is manageable. We’re very interested in any feedback that our customers have and for this we have the UAC blog.
http://blogs.msdn.com/UAC
WindowsConnected - What is Microsoft trying to achieve with UAC?
Chris Corio – Microsoft is really trying to reverse a historical trend in software development for Windows. Unfortunately, because the default user in Windows has typically been an Administrator, developers have assumed, possibly unknowingly, that they had the associated Administrator privileges. So applications would do things like write to %programfiles% or create global objects, etc. Typically applications will run just fine as Standard User but they need to be designed with that in mind from the start.
UAC is designed to allow applications to run as Standard User by default even if the user is in the Administrators group. This should have a positive effect because the default user type has changed.
WindowsConnected - What are the biggest problems that UAC faces?
Chris Corio – UAC faces a couple big problems. First and foremost, we need to make sure legacy applications run well on Windows Vista. The next problem is introduced because of the idea of giving consent to run an Administrator process. If an application has been marked as requiring Administrator privileges, the user will be alerted and asked for consent to run this application. The question is how do we convey information to users, who aren’t the most computer savvy, that tells them that this application is different and by running it you put your computer at risk.
WindowsConnected - Do you feel UAC was a feature designed primarily for consumers or enterprise customers, and why?
Chris Corio – It’s really designed for both. In the home, users will run applications by default as a Standard User and will have to consent to running something elevated. For enterprise customers the benefits are huge because they can finally reach the Standard User desktop in their enterprise. After investing to get the users to Standard User on the desktop, the enterprise should lower the TCO of the machines significantly and they reduce the risk to their infrastructure.
WindowsConnected - Many prompts do not give enough information to make an educated decision (Run DLL as APP), is this something you are working on?
Chris Corio – This seems to be more of a problem on earlier builds of Windows Vista and generally it pertains to Control Panel applets. This is changing and it’s something that we realize is very important. On the next CTP release of Vista you will probably see a lot of headway here.
Note: Current CTP is 5270
WindowsConnected - Many are feeling overwhelmed with prompts from UAC and Windows Defender, will we see some more intelligence/rationalization in the dialog prompting?
Chris Corio – This is another interesting problem that we’re seeing as Vista comes together. Providing a quality user experience is very important to our team but we also have to weigh the trade offs of shipping Windows Vista. Because of this, we’re doing our best to fix as much of the User Experience as we can with the available resources. And, if we don’t get all the scenarios quite right this release, we’ll fix them in SP1. ;-)
WindowsConnected - My app runs just fine with UAC off, but not with it on. What should I do?
Chris Corio – There are a couple tools that we recommend for you to use. Microsoft shipped the LUA Predictor tool as part of the AppVerifier 3.0 toolkit. This will log API calls that generally require administrator privileges. You can also use regmon and filemon from sysinternals.com to get a lot of interesting data about the file and registry writes of an application.
WindowsConnected - What can we expect in future builds of Windows Vista from the UAC Team?
Chris Corio – Look for the Shield! We’ve done a lot of work to mark all the locations that will require Administrator privileges and we’ve marked them with the Shield. We’re trying to ensure that users understand that when they click on something marked with a shield the next thing they will see is a Consent\Credential prompt.
WindowsConnected - What can the IT community do to help UAC succeed?
Chris Corio – Test, test, test! And provide us feedback. Tell us what doesn’t work for you and what does.
WindowsConnected -Any last words for everyone?
Chris Corio – Thanks to everyone who’s playing with Vista out there. It’s your feedback and experience that we use to make a better product for everyone. We all appreciate your work and commitment.
WindowsConnected - Thank you very much to Chris, and the UAC team, for taking the time to answer our questions. Don't forget to visit the UAC Blog
Posted
Jan 21 2006, 09:20 PM
by
Josh Phillips
Follow Me on Twitter
Did you enjoy this article? If yes, then subscribe to our
or
