User Account Control (UAC) has the best of intentions behind it. According to Microsoft's own estimates, a whopping 95 percent of all pre-Vista Windows users perform everyday tasks logged in with Administrator credentials that let them make any kind of system changes--but that also allow malicious hackers to hijack a PC easily. By default, UAC requires a password for such tasks, keeping users--or malware--from haphazardly changing sensitive parts of the OS.
But UAC is its own worst enemy. Its frequent pop-up prompts seriously annoy many users, particularly during setup of a new machine. The prompts appear less often after about ten days of heavy use, but some early adopters have never made it that far.
"These alerts just kept popping up constantly and unnecessarily," says Sergio E. Y
Like many other people, Y
"The average user will be programmed to click 'Allow' for everything," says Roger Thompson, chief technical officer for security vendor Exploit Prevention Labs.
Also, security researcher Joanna Rutkowska says that UAC has a design weakness: it requires giving every program installation full system access, whether the installer needs it or not. (Rutkowska's report is on her blogging site.) Microsoft says that it included the potential weakness to ensure a smooth user experience, and it has not announced any plans to change UAC's design.
A second major addition to Vista's security arsenal is Windows Defender, an antispyware tool that is available at no cost for XP and is baked into Vista's guts. Though not meant to be a full antivirus utility, it can easily scan for spyware applications that suck up system resources and bombard you with pop-up advertising. Defender also offers additional protection when you download files via Internet Explorer 7.
A great idea. But in independent tests performed by the AV-Test security lab (AV-Test.org), Defender detected only 65 percent of 14,517 adware and spyware samples in an on-demand scan. By comparison, detection rates for eight antivirus programs with built-in antispyware ran between 73 and 99 percent for the same test sample.
"Windows Defender is not very good in my eyes. Most, if not all, stand-alone and integrated antispyware solutions are performing a lot better," says Andreas Marx, CEO of AV-Test in Germany.