UAC and System Protection


  1. dw85745
    Posts : 199
    Win 7 Pro x32
       New #1

    UAC and System Protection


    Is UAC only valid for system login or does it work for other things?

    For example if a user logs in as a "standard user" (no admin rights) and then uses
    IE, Firefox or Thunderbird for example, what happens in the following cases (windows 7 Pro):

    1) User wants to download a webpage and save to the system
    2) User wants to view his/her email and then save an attachment to the system
    3) User clicks on an embedded link within the email and the email contains malware
    4) User clicks on a web page link and is taken to a malware page
    5) User wants to run a program that requires streaming data for a server and that
    data must be saved to a database on the system

    Thanks
      My Computer
    Quote Quote

  3. samuria
    Posts : 3,787
    win 8 32 bit
       New #2

    The user can do all they need to do all it stops is system things which may effect the o/s like format drive change critical services files etc
      My Computer
    Quote Quote

  4. Barman58
    Posts : 31,249
    Windows 11 Pro x64 [Latest Release and Release Preview]
       New #3

    UAC is simply a dual token system that simplifies the correct way of working that has been in use for many years in major computer systems.

    Before UAC an administrator would perform their normal day to day tasks as a standard user, (with possibly a slightly raised set of access permissions). When the administrator wished to perform an administrative task they would either use a password protected RunAs process or in more complex cases they would log out and log back in with an administrative account, (with password) perform the tasks and then log-out and back in as a standard user again.

    As you can see this was a long winded process and thus the use of UAC gives the same protection levels with a lot less effort, so is more likely to be used, and also as the elevation of rights is on a case by case basis there is no need to reduce the rights level.

    With your examples above as long as you assume that the local save location is one which the standard user has Read/Execute/write access to then there will be no issue with running or saving data.

    The case of the malware is a little more complex, If there is no anti-malware protection running, (normally these run with system rights so protect all users and files ), then the malware will infect the files and possibly some programs that the user has rights to access but will not be able to infect any critical systems so the clean-up will just need the removal of the infected account and it's replacement
      My Computers
    Quote Quote

  6. dw85745
    Posts : 199
    Win 7 Pro x32
    Thread Starter
       New #4

    samuria: Thanks for responding.

    Based on your response the UAC affects what the user can do to the system and does NOT have anything to do to
    keep malware off the system. I was under the impression -- rightly/ wrongly - that when a "standard" user account was created that those "gifted" rights belonged to the user. Hence, if the user can Not create a file, then the malware "MIGHT" be also prohibited from creating a file, unless the malware is somehow going around the user account such as directly manipulating memory which impacts the system when something is done where that memory is now saved to file.

    Barman58: we crossed posts. Thanks for responding. If appears you answered my above followup,
    except for trying to understand how malware (email click for example) can gain access to the system
    if User is denied "write" access -- or -- better yet:

    Say user has"write" access. How can malware go outside the directory where right access exists?
    For example, if the User is allowed to run Thunderbird (email)
    they need write access. Since Thundebird upon install makes a number of directories, how is one (admin) to know which directories have write access when one allows a User write access to Thunderbird since Thunderbird does NOT id those directories during install?
      My Computer
    Quote Quote

  7. Barman58
    Posts : 31,249
    Windows 11 Pro x64 [Latest Release and Release Preview]
       New #5

    The standard user cannot access any system files or memory locations directly so neither can the malware that is running as that user the only damage that malware can produce when running as a standard user is to that particular user alone so running as a standard user prevents malware damage and BTW also malicious actions by a disgruntled user
      My Computers
    Quote Quote

  8. dw85745
    Posts : 199
    Win 7 Pro x32
    Thread Starter
       New #6

    Barman58:

    Thanks a bunch. That clears up a few things for me.
      My Computer
    Quote Quote

 

  Related Discussions
Hi Everyone I went on my laptop this morning and it said I needed to run a system restore. Unfortunately when I try to it says I need to enable system protection on my C drive. I've been searching the web for a solution for the past couple of hours and it seems like quite a common problem....
I need help on how to remove the (system reserved) folder under Available Drives in protection settings. On all my other computers it is not shown. Not sure why it is there as it does not show anywhere else on computer as a drive. I guess it just bugs the hell out of me not knowing why it's there....
Please help!!! Pics included to explain the situation Basically after installing some new software for my phone my windows 7 laptop crashed - it flashes a blue screen and restarts on boot up I can get to image 1 page to try a system repair But then I need to enable system protection.. Image 2 ...
My Toshiba Notebook (x64) (running Windows 7) has stopped being able to open/run programs. I've been using safe mode to try and find a cure, and safe mode works fine. I ran a few antivirus programs that detected a few things, but none of them solved this issue. Using System Restore seems to be the...
I've tried to open System Protection in System in the Control Panel but it will not work. It gives an error of 0x81000203. I've rebooted and attempted but get the same thing each time.
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 05:13.
Find Us