Comment by antiframe
20 days ago
Not terribly fair. When Windows decided running everything as administrator was bad and to add a visual sudo-like prompt, Apple made fun of them for it, but it was Microsoft reacting to a changing threat landscape then too.
Vista gets maligned but UAC is a good feature to have around, and Vista introduced it.
My first thought was "But back then those prompts were constant, making them almost useless", though maybe that did actually help by making software vendors rely less on admin rights?
It was a big mess, because users didn’t expect it, developers wanted users to just have everything run as admin, and the UAC user experience wasn’t polished yet. But that’s what you expect from new security features being introduced.
That was the whole point.
UAC is not a security boundary. Malware can bypass it if it wants.
It helps to actually enable having to type a password instead of clicking on Yes.
However yes, security is much more than an UAC dialog.
Additionally, just remembered, recently there is an additional option on Windows 11 that the UAC generates a temporary admin user and then throws the security token away.
https://blogs.windows.com/windowsdeveloper/2025/05/19/enhanc...