"Run as Administrator": What Does It Mean?

[Julio Franco]

#ThrowBackThursday As a TechSpot reader you've surely opened software as an admin on Windows before, maybe as recently as today. But do you know what happens under the hood of Windows when you tell the OS to run a program as an administrator, and why is this process necessary in the first place?

Read the full article here.

https://www.techspot.com/guides/1718-run-as-administrator-explained/

 

[Arturas]

From personal experience I can add two more hints:

1. If you run a third party file explorer (such as Total Commander and similar), any program run from it will have the same integrity level, meaning that if you run TotalCmd as Admin, all the programs you run from it will automatically be run as Admin.

2. If Compatibility tab doesn't appear on a program (as it unfortunately does on Visual Studio), right click on the executable, select "Troubleshoot Compatibility", select "Troubleshoot program" and check "The program requires additional permissions". Make sure to click on "Test the program..." and close it properly, otherwise it will not save the settings. (Keep in mind that this requires "Program Compatibility Assistant Service" to be running)

 

[VitalyT]

"Run as Administrator": What Does It Mean?

That's like putting your entire system's security into FDAU position, and waiting to see what happens. It is a Microsoft feature.

 

[OutlawCecil]

Leave it to Microsoft to think it's a good idea to second guess every action by the user by having them double click on something only to get essentially a "Are you sure?" popup. I turn that crap off on every Win10 machine I come across. If somebody is going to run a risky exe, they're going to run it anyways! Users will always become conditioned to simply accept the permissions when asked.

The funny thing I run into is programs like OneDrive that actually tell you they can't be run as Administrator and that you need to run it normally. Like woops! I have too many permissions to be able to run. I've seen this in about 4 or so different programs over the last year.

 

[harm9963]

"Run as Administrator": What Does It Mean?

That's like putting your entire system's security into FDAU position, and waiting to see what happens. It is a Microsoft feature.

Yup University of hard knocks .

 

[axiomatic13]

"Run as Administrator": What Does It Mean?

It means that the programmer is either old (from a time when everything HAD to be done with admin account) or lazy (unwilling to conform to newer programming standards that you should limit the application to the USER session for the sake of security.) Run as Administrator is completely unnecessary if you do your job right.

 

[DelJo63]

Now that we've had some fun ...

The Administrator account (S-1-5-21-635012957-3435899091-545158274-500) has special privileges associated in the NTFS perms to ensure joey jr doesn't muck-up the system files.

All versions of windows clear back to XP use this concept.

 

[tipstir]

Run as the admin of the system, you can install, setup, change, clean, remove, delete, format what every you want. Mostly opening up the CMD forum MSDOS commands and such that require Run as Admin. But you should right click on the dos prompt before you enter MSDOS terminal window dialog box.

 

[Darth Shiv]

Leave it to Microsoft to think it's a good idea to second guess every action by the user by having them double click on something only to get essentially a "Are you sure?" popup. I turn that crap off on every Win10 machine I come across. If somebody is going to run a risky exe, they're going to run it anyways! Users will always become conditioned to simply accept the permissions when asked.

The funny thing I run into is programs like OneDrive that actually tell you they can't be run as Administrator and that you need to run it normally. Like woops! I have too many permissions to be able to run. I've seen this in about 4 or so different programs over the last year.

We have training courses at our company to specifically tell them to not just click OK for everything. And then you have to score 100% on the test after.

 

[fktech]

UAC off!!!

 

[fktech]

Run as Administrator always. Backup often.

 

[DelJo63]

UAC off!!!

Run as Administrator always. Backup often.

Major invitation to malware -- hope you're better at recovery that advice!

 

[OutlawCecil]

Major invitation to malware -- hope you're better at recovery that advice!

I disagree. It is your antivirus' job to stop malware attacks. If you download a file to install on your computer, then get an "are you sure you want to run this with administrative privileges" popup, I doubt anybody would say no and choose simply not to install it. There's no way to know if you should or should not accept, hence why your antivirus should be making that decision for you.

 

[DelJo63]

If you download a file to install on your computer, then get an "are you sure you want to run this ...

YOU did the download - - are you suggesting you're not sure? WHY did you download then?

THE UAC popup is the protection that raises the red flag for you - - "hey, I didn't DL anything, so WHY the install?? Of course reject!!

With the right UAC setting (aka always ask) and running as Limited User, you can't hurt the system :grin: If UAC is off and you're silly enough to run under Admin, you'll get stung every time :sigh:

 

[Mike89]

I also disable UAC on every machine I run and have done it for years. I'll except the risks of using a computer cause I know what I'm doing and UAC is more of a nuisance to me than protecting me from myself. I don't need Microsoft in my face constantly asking me, "are you sure dummy that you what you are doing". Not personally against UAC, I'm just against using it on my computer. If you actually think you are safer from being asked every time you do something "are you sure", then go for it

 

[jpuroila]

Major invitation to malware -- hope you're better at recovery that advice!

I disagree. It is your antivirus' job to stop malware attacks. If you download a file to install on your computer, then get an "are you sure you want to run this with administrative privileges" popup, I doubt anybody would say no and choose simply not to install it. There's no way to know if you should or should not accept, hence why your antivirus should be making that decision for you.

You're putting too much faith on antivirus software. I'm not saying that you shouldn't use an antivirus, but it should be there as a backup, not as an excuse to do stupid things.

 

[fktech]

Major invitation to malware -- hope you're better at recovery that advice!

Yep!

 

[fktech]

You're putting too much faith on antivirus software. I'm not saying that you shouldn't use an antivirus, but it should be there as a backup, not as an excuse to do stupid things.

Disagree. Back up often is best defense.

 

[WallJ91]

Run as administrator means that you should get bachelor's degree before attempting to run the cmd

 

[DelJo63]

If you actually think you are safer from being asked every time you do something "are you sure", then go for it

Yes it's a nuisance, but it tells me when I DIDN'T do something and still the system wants to make changes. So I'll accept the nuisance.

 

[OutlawCecil]

You're putting too much faith on antivirus software. I'm not saying that you shouldn't use an antivirus, but it should be there as a backup, not as an excuse to do stupid things.

Um no. My point is antivirus in most cases allows you to work as usual and not be paranoid. Sometimes you just don't know whether to trust a download or not and in those cases, UAC is totally pointless. When was the last time you purposely downloaded a file from a bad website and ran it as administrator? Probably never because why would you do that? That's my point, UAC is pointless because you always *think* you are being careful.

 

[OutlawCecil]

YOU did the download - - are you suggesting you're not sure? WHY did you download then?

THE UAC popup is the protection that raises the red flag for you - - "hey, I didn't DL anything, so WHY the install?? Of course reject!!

With the right UAC setting (aka always ask) and running as Limited User, you can't hurt the system :grin: If UAC is off and you're silly enough to run under Admin, you'll get stung every time :sigh:

So your point is, you think that any file anybody downloads, they know for a fact is 100% safe? You are simply wrong. There will always be situations where you aren't sure and that's where your antivirus is designed to keep you safe. If you downloaded and ran something, you probably *think* it's safe which means UAC won't save you if it isn't.

 

[DelJo63]

So your point is, you think that any file anybody downloads, they know for a fact is 100% safe? You are simply wrong. There will always be situations where you aren't sure and that's where your antivirus is designed to keep you safe. If you downloaded and ran something, you probably *think* it's safe which means UAC won't save you if it isn't.

Then NEVER download as nothing is certain but "death & taxes".

btw: my AV scans downloads and intercepts virus' - - does yours?

 

[OutlawCecil]

Then NEVER download as nothing is certain but "death & taxes".

btw: my AV scans downloads and intercepts virus' - - does yours?

You are crazy. The internet just does not work that way. You can NEVER be 100% certain a download is safe. And yes, just about every antivirus scans files when they are downloaded and will quarantine them immediately. Sometimes they are innocent but after being run, they execute malicious code or actions and THEN your antivirus catches it.

 

[DelJo63]

You need to do some reading on Proactive AV products.

Look, you're happy with your approach & I'm happy with mine. After 37 years, I've had to recover exactly twice: (1) in XP w/o the proactive av and (2) a HD failure.

So, yes dear, you can have the last word ...