Welcome to MSDN Blogs Sign in | Join | Help

UAC Improvements in Release Candidate 1 (RC1) and Video

We’d like to thank all of the Windows Vista beta testers for using and giving us feedback on User Account Control. It’s definitely an area where we’ve received significant feedback, and an area where we’ve been able to make significant improvements in Windows Vista Release Candidate 1.

On June 1, Steve Hiskey, Lead Program Manager for the User Account Control, blogged about the team’s plan to reduce the prompts in RC1. We’ve created a video to show you some of the work the team has done since then.

> Watch video

Prompt reductions shown in the video:

  • File operations, reducing the prompts caused by adding, deleting, or editing files in protected directories. For example, administrators can delete shortcuts from the public desktop without receiving a prompt. And the user should no longer receive a prompt when copying files to a newly formatted storage drive.

  • Re-architecting several Control Panel applets so that they no longer prompt when opened. Examples include the Firewall applet, Scanners and Cameras applet, and the Software Explorer of Windows Defender.

  • Reducing prompts when creating new network connections.

In addition to the prompts in the video, users can install high-priority updates without a prompt, and will receive fewer prompts caused from unknown devices and driver installation. Based on these changes, we are finding that, on average, users are not receiving any prompts most times that they use Windows Vista.

Other improvements besides prompt reduction that we’ve made to Windows Vista RC1 are:

  • UAC prompts will not “steal focus” from the user’s task. If the operating system cannot determine that the prompt was generated from the foreground window the current user is using, we will alert the user with a highlighted operation in the taskbar that an application is requesting elevated privileges. The user can select to elevate at his or her convenience and not be disrupted by an unplanned application elevation.

  • Elevations are now blocked in the user's logon path. Applications improperly elevating during each and every logon were a significant source of feedback from the Beta 2 release, and based on that feedback, we are disallowing elevations during logon.

  • Improved performance when switching to the secure (dimmed) desktop to display the prompts. We received significant feedback that the small delays during switching were disruptive, and we have worked with the video and display teams to enhance the user experience in this area.

If you’ve used an earlier version of Windows Vista, we are confident that you’ll notice the improvements in RC1. If RC1 is your first chance to use Windows Vista, you’ll probably wonder what all the fuss was about.

- Alex Heaton
Windows Vista Security

Published Tuesday, September 05, 2006 12:00 PM by User Account Control Team

Comments

# re: UAC Improvements in Release Candidate 1 (RC1) and Video

Tuesday, September 05, 2006 4:18 PM by aC
Nice to see that feedback is being used well...

In fact it seems removing prompts is on your mind a little too much. Should't

"administrators can delete shortcuts from the public desktop without removing a prompt."

actually say

"administrators can delete shortcuts from the public desktop without >>receiving<< a prompt."

:-)

# re: UAC Improvements in Release Candidate 1 (RC1) and Video

Tuesday, September 05, 2006 7:16 PM by windowsvistasecurity
Thank you aC, I fixed that. – Alex

# themillerexperience.com &raquo; Vista UAC reduces prompts in RC1

Wednesday, September 06, 2006 1:32 PM by themillerexperience.com » Vista UAC reduces prompts in RC1
PingBack from http://www.themillerexperience.com/?p=5

# UAC Improvements in Release Candidate 1

Wednesday, September 06, 2006 1:57 PM by Windows Vista Team Blog
One of the areas of Windows Vista on which we've received the most feedback is User Account Control (UAC).&amp;nbsp;...

# re: UAC Improvements in Release Candidate 1 (RC1) and Video

Wednesday, September 06, 2006 1:58 PM by rsclient
Here's more feedback: when blogging, it helps to say things that are true, and not say things that are not true.  Take, for example, your statement "We received significant feedback that the small delays during switching were disruptive".  The word small carries a clear implication that that the delays are unimportant.  When your team wrote the feature, you probably thought that they were.

However, once you got feedback about the feature, it's clear that it's not a small delay.  Overwhelming, everyone I know who's seen it thinks that it's a big delay.  Clearly other people think so to ("significant feedback").

Ergo, a true statement would be: "We received significant feedback that what we hoped would be small delays during switching were in fact too long and disruptive"

There!  A true statement!  One that you can write and be satisfied with!  Even better, by being more humble, and by acknowledging that your customer feedback is important, the new statement reflects better on Microsoft than the original.

# re: UAC Improvements in Release Candidate 1 (RC1) and Video

Wednesday, September 06, 2006 2:55 PM by speedy5662
In RC1 has it been made so that you can disable the UAC, without the red shield prompt to irritate the user? If not will this be something that could be utilized in a future release? For me, I am the only user on my computer and I find that the UAC is nothing but a pure aggrevation. I would like to disable this feature without getinng a red shield or any other "alerts" that it is off.

Thank you

Jonathan  

# re: UAC Improvements in Release Candidate 1 (RC1) and Video

Wednesday, September 06, 2006 3:47 PM by Maurizio
Can you make standard user as default at the end of installation? Because I think many people continue to use admin user as default.
At the end of installation you require administrator password and to make an standard user and use it as default
Thanks for all
Maurizio

# Windows Vista Release Candidate 1 (RC1)

Wednesday, September 06, 2006 5:07 PM by Windows Vista Security
As you may have heard by now, Windows Vista Release Candidate 1 (RC1) is complete! See the announcement...

# re: UAC Improvements in Release Candidate 1 (RC1) and Video

Wednesday, September 06, 2006 9:20 PM by Mike W
UAC still needs a lot of work. Deleting items still yields too many prompts (with the confirm on delete option set in recycle bin), there is a total that could be up to four different prompts.

# re: UAC Improvements in Release Candidate 1 (RC1) and Video

Thursday, September 07, 2006 12:34 AM by Wiest, Brian
With some of the work that is still needed. Make an option to allways allow source to run. I am connected to a SBS2003 machine as many of my clients are, when logging on the server runs a setup program to configure the workstation. EVERY time I log on I have to accept the UAC prompt for the server setup program. Please allow me to trust it.
Thank you

# Vista RC1 Reaction Roundup

Thursday, September 07, 2006 9:22 PM by Microsoft News Tracker
Vista RC1 Reaction Roundup

...

# re: UAC Improvements in Release Candidate 1 (RC1) and Video

Friday, September 08, 2006 10:33 AM by Antti Aspinen
Well, UAC does better job at RC1 but why haven't microsoft gone to the route of UNIX and established a clear rights managerment classes for the applications and also where are the tools to do stuff like chown root:root /Users/Files/To/Be/Changed/*
I know you got that kinky change attributes window which doesn't serve well users like me when I want to remove rights from guys like 345234-23452345-2345234-23452 which was created by XP?

# re: UAC Improvements in Release Candidate 1 (RC1) and Video

Saturday, September 09, 2006 5:37 AM by Chesong Lee

Would COM elevation using InvokeAs idiom without registry entries (registration-free COM object) be impossible?

UAC Elevated moniker still requires registry entry and does not seem support manifest-based COM.

It seems like COM-based approaches for UAC-friendly applications is best options for ISVs. If manifest-base isolated COM objects are also supported, it would be great for both developers and IT administrators for application deployment.

Is there any particular reason that it is not feasible?

# re: UAC Improvements in Release Candidate 1 (RC1) and Video

Saturday, September 09, 2006 3:20 PM by JanRei
I think UAC works much better in RC1 than in Beta 2. But there is still work to do.

I often recieve multiple warnings for one action. For example when I want to run a program directly after being downloeded via IE7, I get one warning from IE7 then from UAC.
Or when I want delete a file which needs administrator previliges I get to warnings.
Are there chances that this will be reduced to one warning each?

# re: UAC Improvements in Release Candidate 1 (RC1) and Video

Saturday, September 09, 2006 7:03 PM by hsuhd
i still hate it... it asks me about everything to change...i dont like the idea at all...

# re: UAC Improvements in Release Candidate 1 (RC1) and Video

Saturday, September 09, 2006 7:17 PM by andrew
Hello,

I upgraded my machine from Beta 2 to RC1. Before upgrading i had renamed my default 'Administrator' user account to 'ServerAdministrator' using the Local Security Policy setting 'Rename Administrator Account:'. I also had one other user account ('andrew') belonging to the 'Administrators' group because of being bitten from upgrading from XP to Beta 2.

Anyway the same bug has occurred:

Once i upgraded from Beta 2 to RC1 i logged into my 'andrew' user account ensured that the 'ServerAdministrator' account still had Administrator permissions and than removed the Administrators group from the 'andrew' user account.

I logged off expecting to see the ability to login to either the 'andrew' account and 'ServerAdmninistrator' account however the login page only displays the 'andrew' account to login to.

Now whenever i am prompted by the secure desktop it asks me to enter an adminsitrator password however i do not have anywhere to type in the password: ie you guys are not presenting me with a textbox to enter the password..... seriously this is so GOD DAMN ANNOYING!!!!! I suspect its because i upgrade with my administrator account renamed to 'server administrator' and you guys don't respect the fact that i have renamed it.

Is it possible to fix my laptop, or will i have to reinstall?

# re: UAC Improvements in Release Candidate 1 (RC1) and Video

Sunday, September 10, 2006 12:29 AM by andrew
It turns out that you guys disabled the 'serveradministrator' account when i upgraded to RC1. i could fix this by loading vista in safe mode which then allowed me to logon as the serveradministrator user and re-enabling the account.

# Things I learnt about Vista this weekend &laquo; Andy&#8217;s blog

Sunday, September 10, 2006 10:50 AM by Things I learnt about Vista this weekend « Andy’s blog
PingBack from http://spyder.wordpress.com/2006/09/11/things-i-learnt-about-vista-this-weekend/

# re: UAC Improvements in Release Candidate 1 (RC1) and Video

Sunday, September 10, 2006 12:02 PM by windowsvistasecurity
Andrew, yes we now disble the "built in administrator account" regardless of its name. http://blogs.msdn.com/windowsvistasecurity/archive/2006/08/27/windowsvistasecurity_.aspx.


I want to understand what you were seeing when you said "i do not have anywhere to type in the password: ie you guys are not presenting me with a textbox to enter the password"

what did the prompt look like? what did it say?

- Alex

# re: UAC Improvements in Release Candidate 1 (RC1) and Video

Sunday, September 10, 2006 12:13 PM by windowsvistasecurity
Jonathan, if you prefer not to recieve the red prompts from the Windows Security Center you can configure this using the "Change the way Security Center alerts me" link n the left side of the security center.
- Alex

# re: UAC Improvements in Release Candidate 1 (RC1) and Video

Sunday, September 10, 2006 1:33 PM by speedy5662
Thank you for a response Alex however the "Change the way Security Center alerts me" does not allow me to shut the UAC "red" shield off. It is only for updates, antivirus and firewall, disabling. I do like the concept of the UAC for those users that need it, however for me it is completely useless and I/we should be able to completely remove it without any "warnings" regarding it's disablement.

# re: UAC Improvements in Release Candidate 1 (RC1) and Video

Sunday, September 10, 2006 1:54 PM by windowsvistasecurity
On RC1, when I enable the "Change the way Security Center alerts me" setting, I do not get the red security center alerts if UAC is disabled. The behavoir may have been different in early builds. Which build # of Windows Vista are you using?

Also, I question the "however for me it is completely useless" statement. If you disable i, and run as an admin, all of your software will be running as admin too. And if a piece of malware is able to exploit a vulnerability in one of those programs, that maliscode code will be running with admin privelages as well. With UAC enabled, the programs you run will have standard user privelages, and will be more difficult to use in a serious exploit that could take over your computer. So please consider leaving it enabled.

- Alex

# re: UAC Improvements in Release Candidate 1 (RC1) and Video

Sunday, September 10, 2006 8:19 PM by Aaron Margosis
I'll add to Alex's comments.  Many people believe they're protected from malware because they keep up to date on patches and don't browse "strange" locations.  The problem is that the criminals have gotten much more aggressive about 1) finding and exploiting previously unknown bugs in software (all software, not just Microsoft's), and 2) hacking into well-known and trusted web sites to exploit innocent victims.  If you're running as admin when you unknowingly get hit with one of these, the criminals will have absolute control over your system.  UAC will dramatically reduce the impact that this malware can have.

# re: UAC Improvements in Release Candidate 1 (RC1) and Video

Sunday, September 10, 2006 10:12 PM by speedy5662
Ok Iwasn't sure about the "red" alert in RC1, since i have not loaded it yet. Truthfully it was one of my hold-ups. The last version I tried was 5536. Now to the point of the UAC that you both mention, I can say this is very true about the malware, hacking, etc... However for me I do have the utmost confidence with the security programs that I use. (Not Norton or Mcafee either for obvious reasons. I do have 2 hardware firewalls and a software firewall (2 if you include the xp firewall.) Also I have 2 Antivirus and 3 anti spyware programs. I guess you could say that I run a tight ship! I have never been hacked....Knock on wood...and yes I have had ocassional viruses due to my own stupidity. I also encourage my customers to utilize the same types of protection. The problem that I have with the UAC is also that hackers will eventually get way ahead and trash all of vista if they figure out how. (Some already have found allot of hacks, BTW) So I hope this helps to my original question of permanently disabling UAC and as to why I and others would want the same.

Jonathan

# re: UAC Improvements in Release Candidate 1 (RC1) and Video

Monday, September 11, 2006 1:30 AM by andrew
@Alex - here is a link to a picture that i posted on channel9

http://static.flickr.com/89/238925965_37e6fe9951.jpg?v=0

The link to channel9 is
http://channel9.msdn.com/ShowPost.aspx?PostID=233655

Thanks
andrew

# re: UAC Improvements in Release Candidate 1 (RC1) and Video

Monday, September 11, 2006 10:09 AM by Lani Phillips
I just installed Vista Beta RC1 and decided to do a clean install. Everything with Vista is working great (so far), but when I went to redownload Office 2007 Beta, it told me that Vista Beta RC1 users must come back at another time to get the Microsoft Office 2007 Beta Refresh. Am I missing something? The instructions for loading Vista RC1 did not say Office 2007 Refresh was not available. Can I still download the original Office 2007 beta program or do I have to wait for the Refresh to come out for download? Had I known it was not ready, I would have waited to install the Vista RC1 upgrade. Any ideads or suggestions would be greaty appreciated.


**Note: for anyone who plans to do a clean install-- if you plan to use the Office 2007 beta, they are now charging $1.50 per application for the download; AND the REFRESH is not currently available.

# re: UAC Improvements in Release Candidate 1 (RC1) and Video

Monday, September 11, 2006 1:04 PM by RSI foundation to SUE Microsoft over UAC
for those who don't know what RSI is read here
http://en.wikipedia.org/wiki/Repetitive_strain_injury
but if you are a vista user or will become one, you will know very well what
it is "firsthand" no pun intended.

UAC is that horrible idea some retarded person in MS thought of that pops
100 times in your face.
http://en.wikipedia.org/wiki/User_Account_Control
You have to do so many mouse clicks and movments that the RSI foundation
should sue
Microsoft for destroying the health of so many people world wide.

This is NOT taking into account the stress and fustration this "FEATURE"
will introduce to the world.

Perhaps a multi billion law suit will make MS think how to design an OS for
humans.

# re: UAC Improvements in Release Candidate 1 (RC1) and Video

Tuesday, September 12, 2006 1:22 AM by Will
Well when this gets fixed, I'll be happy. :)

https://connect.microsoft.com/windows/feedback/ViewFeedback.aspx?FeedbackID=189457

# re: UAC Improvements in Release Candidate 1 (RC1) and Video

Tuesday, September 12, 2006 3:10 AM by fcat
@RSI foundation to SUE Microsoft over UAC

RSI is retarded and ignorant

# re: UAC Improvements in Release Candidate 1 (RC1) and Video

Tuesday, September 12, 2006 3:16 AM by Luca
I would like an option to keep opened the details shown during a UAC message without needing to expand every times.
I mean the Details button: http://static.flickr.com/89/238925965_37e6fe9951.jpg?v=0

# re: UAC Improvements in Release Candidate 1 (RC1) and Video

Tuesday, September 12, 2006 2:03 PM by Mick Lohan
Hi Guys

Loaded a clean RC1 64 bit install onto my amd shuttle. Graphics fantastic , everything seemed to work until i tried to run a session from the PDC under IE7. I got prompted that the add-on 'Microsoft Office Animation Runtime' was required - so i clicked install active-x and your lovely UAC permission prompt appeared.Pressed Continue and then pressed install on the Security warning messagebox. The messagebox cleared and i was brought into windows messanger.On pressing play i again got the UAC prompt. I pressed Continue and the first slide appeared.Subsequently every time a new powerrpoint slide is about to be displayed up comes the UAC prompt and it doesn't make any difference if I presss 'Continue' or 'Cancel' the next powerpoint slide is displayed anyway.

As you can imagine after about 20 clicks - i was getting slightly upset. I admit it - i succumbed to the inevitable and decided to turn off the UAC. Which maybe you guys have made too easy to do.

I Restarted the pc and again went to view the pdc session. This time on accepting the prompt to install the active-x i was brought to the Microsoft download center and downloaded the powerpoint animator add-on.As you'd expect , everything worked swimingly from then on.

Then I got this guilty feeling that as you guys have put so much effort into the UAC - i should really give it another shot. I turned on the UAC again and restarted the pc.

When I re-ran the pdc session everything worked as it should.

If the beta refresh of Office had been available - the active-x would probably have been loaded with office ....

Now there's a thought.

Keep up the good work - i appreciate that this is trial software and must be fully tested. I hope this was of some use to you guys.

P.S. just to confirm i ran into the same problem with a 32 bit install.

# re: UAC Improvements in Release Candidate 1 (RC1) and Video

Wednesday, September 13, 2006 10:49 AM by thomasm
Funny thing... I went to the forum where this was posted (http://forums.techarena.in/showthread.php?t=585060) and it looks like you're the only one ready to sue Microsoft over this. Good luck with that; hope you have a lot of resources at your disposal. Especially when it's shown in court that you had the option to turn it off but didn't use it.

By the way, please learn English. Thank you.

# beta @ amanzi &raquo; Vista&#8217;s UAC Falls Short of Promises

Monday, September 25, 2006 8:36 AM by beta @ amanzi » Vista’s UAC Falls Short of Promises
PingBack from http://beta.amanzi.co.nz/2006/09/26/vistas-uac-falls-short-of-promises/

# re: UAC Improvements in Release Candidate 1 (RC1) and Video

Tuesday, December 19, 2006 2:38 PM by Izzat Alsmadi

I am running Windows Vista and GP 9.0. Upon installing SP1 for GP 9.0, installation seems running fine, but it will never take effect and the release version will keep showing 9.00.0114 rather than 9.00.029 I beleive with the SP updates.

Anonymous comments are disabled
 
Page view tracker