Over the past several years, the security of operating
systems has become more and more important. In response to the perception that
their operating systems are less secure than their Linux based competition, Microsoft
has responded by integrating a new security mechanism called User Access
Control (UAC) into their newest operating system Vista. In this article I will
describe what UAC is and how it works, why it is important to developers, and
how you can ensure that your .NET applications are compliant with the new
paradigm.
UAC is designed to address the problem of malware. Most
users, whether they need to or not, log in as local an Administrator. As a
result, any application that runs in their session has full Administrator
access to the operating system. This includes malware.
In short, UAC requires the user to confirm the execution of
any application that requires elevated permissions. By doing this, malware is
essentially cut-off from even being able to start. If you do not know the
application that is asking for elevated permissions, simply do not allow it to
execute.