User Account Control in Windows Vistadownload.microsoft.com/download/9/a/1/9a1bd19d-f612-4444-8c25-0f… · User Account Control in Windows Vista Howard Chow Microsoft MVP. What Will

User Account Control in Windows Vista

Howard ChowMicrosoft MVP

What Will We Cover?

• Why Use User Account Control (UAC)• Why Use User Account Control (UAC),

and How It Worksand How It Works

• Improvements to the User Experience• Improvements to the User Experience

• Information about Application Deployment• Information about Application Deployment

Level 200

Agenda

• Introducing UAC Features and Benefits

g


• UAC Internals• UAC Internals

• User Experience with UAC• User Experience with UAC

• Securing Application Deployment• Securing Application Deployment

Why User Account Control?yA History of the Windows Ad i i t t A tAdministrator Account


Wh E t i R AWhy Enterprises Run As Administrator Today


Wh E t i R AWhy Enterprises Run As Administrator Today

Reducing the Total Cost of OwnershipOwnership

How User Account Control WorksAllow System to Run Well

SAs Standard User


SAs Standard User

S l ti l All A li tiSelectively Allow Applicationsto Run with Elevated Privileges


SAs Standard User


Fix or Remove InappropriateAd i i t ti Ch kAdministrative Checks


SAs Standard User


Fix or Remove InappropriateAd i i t ti Ch kAdministrative Checks

Registr or File Virt ali ationRegistry or File Virtualization Provides Compatibility

Standard User PrivilegesgView System Clock and Calendar; Change Time Zone


Install Wired Equivalent Privacy



Change Display and Power Management Settings




Install ActiveX Controls from Approved SitesInstall ActiveX Controls from Approved Sites




Install ActiveX Controls from Approved Sites

Add Printers and Other Devices










Create and Configure a VPC Connection








Create and Configure a VPC Connection

Download and Install Updates

Admin Approval ModeppOperating System Application

Signed Application Unsigned Application

Elevation ModelAdministrator Privileges

Ways to Request ElevationApplication Marking

Setup DetectionCompatibility Fix

S d d i il f l

Compatibility FixCompatibility AssistantRun As Administrator

Standard User Privileges (Default)

AdministratorAccount

Standard UserAccount

User Account Control Tools

St d d UStandard User Analyzer


St d d UStandard User Analyzer

• File Access• Registry Access Registry Access• INI Files• Token Issues• Security Privileges• Security Privileges • Name Space Issues • Other Issues


St d d UApplication

C tibilitStandard User Analyzer

Compatibility Toolkit 5.0

• File Access• Registry Access Registry Access• INI Files• Token Issues• Security Privileges• Security Privileges • Name Space Issues • Other Issues

Reducing TCO/Increasing Securityg g y

More Control over End-User Tasks



Control Access to Files and Data




Less Time Spent Troubleshootingp g




Less Time Spent Troubleshootingp g

Better Software Licensing Control

Implications for Application Developers

For the more information, visit:msdn2 microsoft com/enmsdn2.microsoft.com/en-

us/windowsvista/aa904987.aspx

Agenda


g





UAC ArchitectureAdministrator in Admin Approval Mode logon

Full administrator

Standard user

access token

Explorer exeaccess token Explorer.exe

Standard useraccess token

Standard user logon

Explorer.exe

UAC Architecture

1 Administrative application attempts to run1. Administrative application attempts to run.

UAC Architecture


2 AIS initiates the elevation prompt2. AIS initiates the elevation prompt.

UAC Architecture



3. Elevation prompts the user. Elevate?

UAC Architecture




4. Application launches as administrator.

UAC Architecture




4. Application launches as administrator.

5. Application is closed and elevated process exits.

File System and Registry Virtualization

C:\Program Files\FILE1 DAT

File/Registry Virtualization

C:\Program Files\FILE1.DATFILE1.DAT\User Profile\




C:\Program Files\FILE1.DAT\User Profile\FILE1.DAT




C:\Program Files\FILE1.DATFILE1.DAT\User Profile\


Security Security IssuesIssuesPerformance Performance DegradationDegradationAdditionalAdditional EndEnd--User TrainingUser Training

FILE1 DATFILE1 DAT

Additional Additional EndEnd--User TrainingUser TrainingApplication Application ConflictsConflicts

FILE1.DATFILE1.DAT

Installer Detection TechnologygyWindows Vista HeuristicallyDetects Installation Programs


What Installer Detection Applies toWhat Installer Detection Applies to


What Installer Detection Applies toWhat Installer Detection Applies to

What Attributes Are Checked toD t i Wh th 32 BitDetermine Whether a 32-BitProcess Is an Installer

Requested Execution Levelsq

Core Changes in Functionalityg yUAC Is Enabled by Default


All Subsequent User AccountsAll Subsequent User AccountsAre Created As Standard Users



Built-In Administrator Account IsDi bl d b D f lt N I t ll tiDisabled by Default on New Installations



Built-In Administrator Account IsDi bl d b D f lt N I t ll ti

Ele ation Prompts Are Displa ed

Disabled by Default on New Installations

Elevation Prompts Are Displayedon the Secure Desktop by Default

Agenda


g





Consent and Credential Promptsp

Consent and Credential Promptsp

Application-Aware Elevation Prompts




User Account Control Samplep

Preventing Shatter AttacksgIncreased ProtectionIncreased Protection

Root Kits Spyware Viruses


Windows Messaging SystemWindows Messaging System







UACUAC--Compliant SoftwareCompliant Software

Isolates Privileges Prevents Unauthorized Applications

DemoDemodemonstrationReviewing User Account ControlReviewing User Account Control

Use Windows Vista As a Standard UserUse Windows Vista As a Standard UserConfigure User Account Control

DemoDemodemonstrationElevating ApplicationsElevating Applications

Enable Auditing of Applications andEnable Auditing of Applications and Process CreationR El t d PRun Elevated ProgramsReview Audit Process Trackingg

Agenda


g





High Securityg yAll Applications Are Deployed UsingApplication Deployment Technology


Benefits of Using Technologies LikeBenefits of Using Technologies LikeSCCM, SMS, and GPSI



Requirements for This Level ofS itSecurity



Requirements for This Level ofS it

Benefits of Implementing UAC

Security

Benefits of Implementing UACin This Manner

Medium SecurityyApplications Installed on a Case-by-

CCase Basis


CCase Basis

Most Difficult Level to ManageMost Difficult Level to Manage


CCase Basis


Help Desk Has to Manage AllA li ti I t ll tiApplication Installations


CCase Basis


Help Desk Has to Manage AllA li ti I t ll ti

Sec rit Easil Compromised

Application Installations

Security Easily Compromised

Low SecurityyThree Possible Configurations:


Users Are Standard Users but KnowUsers Are Standard Users but KnowLocal Administrator Credentials



Users Are Local Administrators



Users Are Local Administrators

UAC Is Disabled and Users AreUAC Is Disabled and Users AreLocal Administrators

Session Summary

• UAC is a new approach to improving

y

• UAC is a new approach to improving computer securitycomputer security

• Using Windows Vista as a standard user greduces security vulnerabilities

• UAC makes it possible to secure application deployment

Documents

User Account Control in Windows Vistadownload.microsoft.com/download/9/a/1/9a1bd19d-f612-4444-8c25-0f… · User Account Control in Windows Vista Howard Chow Microsoft MVP. What Will