InfoWorld Security Boot Camp: Day 6: Use UAC for good, not evil
September 28, 2009

SECURITY BOOT CAMP, WEEK TWO
This week, we'll be focusing on improving your defenses.

YOUR ASSIGNMENT TODAY: Use UAC for good, not evil.

WHY DO IT: UAC tries to prevent the situation where too many Windows users are logged on with elevated user accounts all the time, when they do not need to be elevated for much of what they were doing. Not being logged on with elevated access all the time would significantly reduce the risk of current client-side attacks.

HOW TO DO IT: Read through Roger Grimes’ guide on which privileges UAC strips from un-elevated sessions compared to elevated user accounts. (The link is below.)

RECOMMENDED READING: " User Access Control in a nutshell," Infoworld.com