One of the foundations of security from attacks by a certain type of malware is the limitation regarding the access and modification to a user in the execution.

This is something we are very familiar with users of other operating systems like Linux, for example, greatly limiting the possibilities of a given malware accesses the system.

It includes Windows Vista (finally) a security system that is precisely what he does.

Obviously someone who does not have administrator permissions hardly be able to access files, folders, and system configuration, making it quite difficult for a virus is installed when the user does not have sufficient permissions to install.

But this situation changed somewhat when a user who does have these permissions (and this is normal in Windows, where most work with accounts with administrator permissions, if not working directly with the Administrator account, this does is dangerous.)

The innovation introduced the User Account Control (UAC or User Account Control) is that when we create a standard user, ie with limited privileges, it works as it has always worked on Windows, but when we create a user with privileges the system administrator really is creating two users (although all the effects we see only one).

When we work on our session, but our type of user is an administrator, we are working with a limited account, which does not allow us to perform operations that involve changing the system, either to do an installation, changes in certain parameters, or even a simple access to the system. This is evident even to remove certain files, even depending on the location of these.
This is something that we can see just by entering the Control Panel where they can see a number of options with a shield on his left.

Name: User Account Control.jpg Views: 202 Size: 22.0 KB

When are we going to do any of these actions, the system asks us permission to do so, we are raising the level of privileges to perform this action.

This, so that may seem annoying, it's not really, because in the normal use of the computer are actually very few times we need such privileges, and a normal user can pull weeks without him having to jump this notice as it is not usual that a program has to access and modify the system (or even record anything in the system folders), and if you notice this is jumping too often the first thing to consider is whether or not be doing or executing any programs you may be risking your computer.

This tool is activated for each user independently, it is desirable not to be disabled in any of them, not even in the senior team, especially since this is the user who has privileges.

So far all seems well, because even going to notice if a program tries to access these areas of the system so unwanted, but of course, like all security systems must know how to use them.

The window of application for the UAC indicates not only that a program will carry out operations which affect the system, but that tells us what program it is. Well, before giving our approval we must first know what we are allowed (we, I think).

It is our responsibility and if approved will be accessing the system or install a program that can be harmful, and against this there is no operating system that can fight, because it is the user (administrator in this case) indicating that it is conducted these operations.

What it does is that it is irresponsible to recommend to disable the system, as well as recommend browsing without having activated a virus or the like.

Of course, Windows offers the ability to disable UAC, as it offers the possibility to disable the Firewall. But the same at this point that almost no one thinks of surfing without a firewall should not be using an operating system without proper security measures, and this is what UAC offers.