"Run as Administrator": What Does It Mean?

[OutlawCecil]

You need to do some reading on Proactive AV products.

Look, you're happy with your approach & I'm happy with mine. After 37 years, I've had to recover exactly twice: (1) in XP w/o the proactive av and (2) a HD failure.

So, yes dear, you can have the last word ...

last word? We're not married... this is a disagreement and a conversation.

I'm in the tech industry so I'd like to think I'm informed enough.

Point 1: you can never be sure any download is safe
Point 2: if you do download something, you will run it regardless of UAC prompt, making it pointless.

sooo what exactly is your counter argument?

 

[DelJo63]

I'll not debate further. We started in '89 with PCs and have managed Linux, Unix, Mainframes, Macs and (oh sigh) even Windows ... your experience, like mine, is relative to yourself. Enjoy.

 

[fktech]

Major invitation to malware -- hope you're better at recovery that advice!

An expert!

 

[jpuroila]

Um no. My point is antivirus in most cases allows you to work as usual and not be paranoid. Sometimes you just don't know whether to trust a download or not and in those cases, UAC is totally pointless.

In those cases you probably should default to NOT trusting it or do a little more digging to see whether it's actually trustworthy or not(if it's actually what it claims to be, many times you can find checksums for instance). That's not paranoia, it's just common sense.

 

[Darth Shiv]

I disagree. It is your antivirus' job to stop malware attacks. If you download a file to install on your computer, then get an "are you sure you want to run this with administrative privileges" popup, I doubt anybody would say no and choose simply not to install it. There's no way to know if you should or should not accept, hence why your antivirus should be making that decision for you.

Terrible terrible advice. The first step is to download and install from reputable sources. EVERY install will ask for admin privileges - with UAC on, NOTHING can install to program files without admin privileges. Every virus scanner still is behind 0 days for a period of time. The first step to protection is to not download from dodgy sites.

 

[Darth Shiv]

Yes it's a nuisance, but it tells me when I DIDN'T do something and still the system wants to make changes. So I'll accept the nuisance.

Yep the only people who complain about UAC don't understand the function of UAC and don't know how to use it properly. Vista was a debacle because they chain requested elevation rather than inheriting the first elevation for a process tree. It was unrefined but the purpose of UAC on Vista was for very good reason.

Also Linux etc have had their equivalent of UAC for a very long time. It's just good security practice to run your every day tasks as user privileges and not admin so your everyday tasks, if compromised, only expose user privileges to viruses.

 

[OutlawCecil]

Terrible terrible advice. The first step is to download and install from reputable sources. EVERY install will ask for admin privileges - with UAC on, NOTHING can install to program files without admin privileges. Every virus scanner still is behind 0 days for a period of time. The first step to protection is to not download from dodgy sites.

Almost as terrible as having people think they can run any file downloaded from a reputable site. There's tons of cases out there where reputable sites were hacked and malicious coding was added to legit software. I'm sure your "do you want to run this as admin" popup will be more helpful than relying on antivirus...

That's why antivirus' have heuristic scans!

 

[Darth Shiv]

Almost as terrible as having people think they can run any file downloaded from a reputable site. There's tons of cases out there where reputable sites were hacked and malicious coding was added to legit software. I'm sure your "do you want to run this as admin" popup will be more helpful than relying on antivirus...

That's why antivirus' have heuristic scans!

The heuristic scans flag false positives all the time. Symantec blocks **** they shouldn't all the time. They are very low value.

The popup is not meant to make you think twice about installs you manually trigger although including installer certificates in this process would be a great help there. It's a lot harder to install malware into signed installation packages. You would need to compromise the signing process. I think far more value would come from preventing UAC executing on unsigned installations from the internet.

The popup is meant to prevent escalation of privilege for apps that should run in usermode day to day so they can't make system changes, compromise admin level processes etc.

 

[trparky]

To the people who say that the disable UAC, it's like running as root on Linux. The number one thing that's practically hammered into your head by those in the Linux community is that you should NEVER RUN AS ROOT!!!

 

[ShagnWagn]

I have automated software installs for 18 years. What I still don't understand is why software vendors say you "have" to do Run As Administrator to install software... If I am already a local admin, why do I need to run as administrator?? I did not see this in the article.

I have searched every now and then for years and haven't come across any solid evidence this is really true. I've never had software fail because I ran it without run as admin. I always get a chuckle when a vendor cries when I don't do it.

 

[hahahanoobs]

To the people who say that the disable UAC, it's like running as root on Linux. The number one thing that's practically hammered into your head by those in the Linux community is that you should NEVER RUN AS ROOT!!!

The only time UAC works is if you aren't doing anything at the time the prompt is triggered. No one is going to purposely download an exe then abort the installation because a UAC prompt appears. That wouldn't make any sense.
OutlawCecil is 100% right in what he is saying.

 

[Uncle Al]

All of that being said, the writer did a pretty good job with this article ..... thanks!

 

[Bullwinkle M]

I run Windows XP ONLINE!

I have ZERO Microsoft Security updates

I don't even have service pack 3

The antivirus expired in 2015

Everything I do is with FULL Admin access, yet I am perfectly safe

You cannot do this with Spyware Platform 10 of course, as the end user does not control the security of their own system

This copy of XP does not get malware, extortionware and no Microsoft backdoors

Me Likes!

 

[cliffordcooley]

THE UAC popup is the protection that raises the red flag for you - - "hey, I didn't DL anything, so WHY the install?? Of course reject!!

UAC on or off, I have never had my system initialize anything, I did not start to begin with. Of all the malware I have encountered. They were either deceptive in what was actually being installed. Or was piggybacking the authorizations of wanted software. Neither of which asking "if you are sure you want to continue" would prevent.

 

[treetops]

UAC on or off, I have never had my system initialize anything, I did not start to begin with. Of all the malware I have encountered. They were either deceptive in what was actually being installed. Or was piggybacking the authorizations of wanted software. Neither of which asking "if you are sure you want to continue" would prevent.

UAC on or off, I have never had my system initialize anything, I did not start to begin with. Of all the malware I have encountered. They were either deceptive in what was actually being installed. Or was piggybacking the authorizations of wanted software. Neither of which asking "if you are sure you want to continue" would prevent.

That you know of ^^, one sign I noticed on my last infection was that UAC was turned off. To make it easier for whoever was doing what do to whatever they were trying to do. At least that's what I'm guessing. Initially brought on by a Windows update killing my AV. I always have coretemp running in the tray, so when I saw my temp spiking, I looked at my cpu usage and it's not to hard to figure out something is amiss at that point. Damn cryptomining hackers. They should make it a bit harder to mine on your browser. I didn't even know there was a handy little option to turn it on in your settings.

I run Windows XP ONLINE!

I have ZERO Microsoft Security updates

I don't even have service pack 3

The antivirus expired in 2015

Everything I do is with FULL Admin access, yet I am perfectly safe

You cannot do this with Spyware Platform 10 of course, as the end user does not control the security of their own system

This copy of XP does not get malware, extortionware and no Microsoft backdoors

Me Likes!

If I would aids I'd tell people not to wear a condom. Really though I wouldn't go and advertise my exact vulnerabilities. Maybe I'm just paranoid ^^

 

[cliffordcooley]

That you know of ^^

If that is the case, it wasn't very malicious. And by definition malware must be malicious.

 

[Bullwinkle M]

Treetops said...
Really though I wouldn't go and advertise my exact vulnerabilities. Maybe I'm just paranoid ^^
------------------------------------------------------------------------------------------------------------
I did not advertise any vulnerabilities as there are none to advertise

There is no such thing as a Windows 10 security expert because a real expert would know that you cannot stop what Microsoft has done / and is doing to your system when you are online

You cannot stop malware or ransomware on Spyware Platform 10 if you cannot stop Microsoft!

 

[arrowflash]

Regarding the discussion in the comments (which as often happens ends up being more interesting and fun to read than the article itself), I can only share my experience.

I've always used Windows logged in with the Administrator account all the time, ever since the Windows 2000 days, and never had anything bad happen because of it. I'm logged as Administrator right now, I don't even have regular user accounts set up on my machines. This infamous practice has only saved me tons of time and headaches, by not having to deal with crap such as UAC prompts or software complaining of not enough permissions (or worse, running unstable or with random bugs without obvious cause, for this reason). In the almost 20 years I've been doing this, my PCs have only been infected by viruses or malware in 2 or 3 occasions if I recall correctly - and none since Windows 7 SP1.

I also always run Linux logged in as root, and it's the same story. In over 10 years, it has only saved me time by never having to enter credentials, and nothing bad ever happened. My PCs never exploded and I never had all my data stolen by Russian hacker boogeymen because of it.

If you have above room temperature IQ and better attention span than a goldfish, running with full credentials isn't as dangerous as most claim to be. Now of course, for this exact reason, when it comes to regular users it really might not be such a good idea... but for me, the benefits far outweigh the risk - even if something bad DOES happen some day in the future because of it, it has already paid off (the very few past malware infections I mentioned don't count - there wasn't any sign that using a standard account would have prevented them).

 

[Daithi]

The only time UAC works is if you aren't doing anything at the time the prompt is triggered. No one is going to purposely download an exe then abort the installation because a UAC prompt appears. That wouldn't make any sense.
OutlawCecil is 100% right in what he is saying.

I think it matters more when just running something rather than a full installation. A program that has absolutely no justifiable need to run as admin throwing up a UAC prompt should raise massive red flags. If you just disable UAC entirely, then you never really know that TotallyBenignVideoConverter.exe is poking around where it shouldn't in the background, even though it appears to be working as normal.

 

[Daithi]

This copy of XP does not get malware, extortionware and no Microsoft backdoors

Me Likes!

Wannacry propagated through an NSA backdoor in Windows which was patched out of 10. Here's a few more you're vulnerable to https://arstechnica.com/information...rs-just-dumped-its-most-damaging-release-yet/

 

[Bullwinkle M]

Wannacry propagated through an NSA backdoor in Windows which was patched out of 10. Here's a few more you're vulnerable to https://arstechnica.com/information...rs-just-dumped-its-most-damaging-release-yet/

LOL

Wannacry has no effect on XP-SP2
It only works with SP3
I know this because I am the reason that information was in the news at the time

Besides, RDP is disabled and the affected ports were blocked without requiring a Microsoft security update

I love it when noobs pretend to be experts on the subject of Windows security

There are no know exploits that can wreck my XP box!

Try again

 

[Daithi]

LOL

Wannacry has no effect on XP-SP2
It only works with SP3
I know this because I am the reason that information was in the news at the time

Besides, RDP is disabled and the affected ports were blocked without requiring a Microsoft security update

I love it when noobs pretend to be experts on the subject of Windows security

There are no know exploits that can wreck my XP box!

Try again

Sure, I believe you. Most wouldn't, but I do.

 

[Markoni35]

"Run as administrator" means you can't run very fast, or very far. You get all sweaty in 10 seconds. It's similar to "Run as fat policeman". It's related to Burger and Doughnut apps.

 

[Bullwinkle M]

Run as Administrator always. Backup often.

When running Windows XP online, I just use a Full Admin Account and everything works just fine

No right clicking, no security screens and no malware ever!

I only require a single backup from 2014, but then again, I'm a real Windows Security Expert!

For everyone else, multiple backups may be a good idea

 

[amghwk]

Becoming an "Administrator" with a single click is a joke actually.