Even though the name has been changing, from LUA to UAP, and now finally User Account Control (UAC), the underlying goal has not changed. Our goal is to help protect individuals and organizations by enabling Windows Vista users to run their computers as Standard Users. It may sound humble, but this effort has the potential to significantly increase security for all users, reduce TCO and support costs for organizations, and enable parental controls that help protect children when online.
You can make an analogy between User Account Controls and seatbelts in cars. The Model T automobile was introduced in 1908, yet Ford did not include their first seatbelt until 1959, and they were not required by law in the US until 1968. When seatbelts were first introduced, they were perceived as an annoyance and their usage was low. But now their safety benefits have been proven and the majority of us use them. Likewise with User Account Controls, it may take some time to get used to the idea of running as a Standard User, but the safety benefits are clear, it will be less of an inconvenience than you think, and soon it will be hard to believe that we ever ran everything with full administrative privilege.
While we are also doing work on something called Admin Approval Mode, in which many common applications run as Standard User even if you're logged in as an administrator, we want to be very clear that you're still using the system as an administrator in this mode. When you're using Windows Vista, you’re either a Standard User or an Administrator, and our goal is to allow everyone to run as a Standard User.
To make our vision a reality, it's going to take a lot of work not only by us, but by the entire software industry. Since users will demand that their applications work under Standard User, software developers must make sure that their applications are compatible. To facilitate this, we're working on guidance for MSDN and there's a chalk talk that developers can review here.
Lastly, I want to thank each of you for reading our blog and apologize for not keeping it as fresh as we'd like to. So here's what we're going to do... From now until Vista launch, if we ever go 30 days without posting a new entry, the first 5 people that send mail to firstname.lastname@example.org will get free Vista swag shipped to you.
Thanks again and please send us your comments on our vision.
David B. CrossDirector of Program ManagementWindows Security