With Windows XP and earlier versions of Windows, any process started by a user logged on as an administrator would be run with administrative privileges. This situation was troublesome because malware could make system-wide changes, such as installing software, without confirmation from the user. In Windows Vista and Windows 7, members of the Administrators group run in Admin Approval Mode, which (by default) prompts administrators to confirm actions that require more than Standard privileges. For example, even though a user might log on as an administrator, Windows Messenger and Windows Mail will run only with standard user privileges.
To do this, Admin Approval Mode creates two access tokens when a member of the Administrators local group logs on: one token with full permissions and a second, restricted token that mimics the token of a standard user. The lower-privilege token is used for nonadministrative tasks, and the privileged token is used only after the user’s explicit consent. Windows Vista prompts the user for consent before allowing an application to complete an action that requires administrative privileges.
Many organizations use the benefits of UAC to create Standard, rather than Administrator, user accounts. Admin Approval Mode offers some protection for those users who need administrator privileges—such as developers—by requiring confirmation before an application makes any potentially malicious changes. Like most Windows 7 security improvements, the consent prompt is enabled by default but can be disabled using Group Policy settings. Additionally, the consent prompt can require users to type an administrative password or, for standard users, simply inform them that access is not permitted.
Source of Information : Windows 7 Resource Kit 2009 Microsoft Press
Subscribe to:
Post Comments (Atom)
Cloud storage is for blocks too, not just files
One of the misconceptions about cloud storage is that it is only useful for storing files. This assumption comes from the popularity of file...
-
Many of the virus, adware, security, and crash problems with Windows occu when someone installs a driver of dubious origin. The driver suppo...
-
The Berkeley motes are a family of embedded sensor nodes sharing roughly the same architecture. Let us take the MICA mote as an example. T...
-
Modern computers contain a significant amount of memory, and it isn’t easy to know whether the memory is usable. Because of the way that Win...
No comments:
Post a Comment