The User Account Control (UAC) it was introduced in Windows Vista by Microsoft to increase security when starting new programs with administrative permissions. This system has been perfected in Windows 7 and even on the latest versions of Windows (i.e. Windows 11 and Windows 10) has undergone very few changes, proving to be really useful as a first barrier to stop the launch of malware on exposed PCs.In the guide that follows we will show you in detail how user account control works on windowswhat we have to pay attention to when the UAC warning appears (as it is called by the systems engineers) and what we can do to make it even more restrictive or (which is highly discouraged) remove it completely.
READ ALSO -> Microsoft tools for Windows PC security
What is User Account Control and how it works
UAC is a security feature to prevent unauthorized changes to the Windows system. These changes can be made by users, programs and, sadly, malware (which are the main reason why UAC exists). Whenever administrator permissions are required to install a program or to perform operations on the system Windows displays a warning the control asks for permission to make this change.
If no approval is given, the change is not made. There are many types of activities that can bring up the UAC warning:
- Running a desktop program as an administrator
- Changes to settings and files in the Windows and Program Files folders
- Installing or removing desktop drivers and applications
- Changing Windows settings like Windows Firewall, UAC itself, Windows Update, Windows Defender, and more
- Adding, changing or removing user accounts
- Configuring Parental Controls in Windows or Windows Family Safety
- The planned activities
- Restore backup system files
- View or change folders and files of another user account
- Change system date and time
To make these changes, the use of a user account registered as administrator (with or without Microsoft account); if we use a simple account we will not have administrative permissionsthen UAC will ask you to enter an administrator account password before proceeding.
To learn more we can read our guide on how to create a user account on Windows.
Types of UAC alerts
When you see a UAC warning on the screen, you can read the details of the notification to understand what is happening precisely. Even just looking at the color of UAC notifications it is possible to understand if we have programs made by certified authors or by unknown authors (on which to pay more attention) or if we are facing a malware.
The blue UAC windows are the safest ones to click on: the author of the application or process is certified by Microsoft and you can then proceed by clicking on Yup without particular problems.
If, on the other hand, we meet one UAC window in yellow colorthe author of the application or process is not certified by Microsoft, or the author is not declared (Unknown author): in this case we must proceed with great caution e only authorize operations of which we are aware or installations of programs that we have always usedbeing especially careful when this window pops up when it shouldn’t (while browsing the Internet and not installing anything).
If we encounter the red UAC window, we don’t have to do anything: UAC has already blocked the execution of the malware or dangerous program, not even providing the option to accidentally hit Yes.
We remind you that pressing on the item Show details we can get more information about the application and its origin (path of the file, program or process). If an unknown file located in a suspicious location requires permissions with UAC (with yellow window) we must deny access.
How to change UAC settings
To configure User Account Control in Windowsall we have to do is open the app Control panel from the Start menu, click on User accountpress again on the item User account and finally click on the item Change the User Account Control settings.
On all versions of Windows that support UAC there are four levels to choose from:
- Always notify: to get alerts whenever a program requires administrator permissions and when another user account changes Windows settings. The desktop goes blank and you have to choose “Yes” or “No” in the UAC window before you can do anything else. This level is the safest, but also the most pain in the ass.
- Notify me only when programs / applications try to make changes to my computer: This is the Windows default setting, to get warnings before programs make system changes and require administrator passwords. This level is slightly less secure than the previous one because malicious programs can simulate keystrokes or mouse movements to change system settings.
- Notification only when programs / applications try to make changes to your computer: This level differs from the previous one in that the desktop is not available when the UAC prompt is shown. This decreases system security, as different types of malware may be able to interfere with the UAC prompt and approve changes automatically.
- No notification: this level disables UAC. Any application and any user account can make changes to the system without permission, like in the days of Windows XP.
In most cases, the default setting is more than sufficient, as it offers a good compromise between the window display and the security level.
Is it really worth deactivating UAC?
If you want to keep system security at good levels we must never disable UAC. When it is disabled, anyone can make changes to the system without consent so it is easier for malware to infect and take control of your computer.
Using your computer wisely and with common sense can also be enough to be safe but why risk it when Windows itself provides us with the right protection? It is also worth keeping UAC active to avoid that older programs, in case they are installed with UAC deactivated, have problems functioning after reactivation.
Conclusions
User Account Control was the first real security system introduced by Microsoft to stem the malware that was rampant on Windows XP, where it was very easy to get infected. Nowadays it is absolutely not recommended to disable UAC also because it has been much improved in the latest versions of Windows, showing the warning window only when really needed.
To increase the security level of the computer we can also read our guides on how increase Microsoft Defender security in Windows 11 and 10 and the guide on best combination of programs to protect your computer.