When UAC was introduced in Windows Vista, it sucked, PERIOD. Symantec came to the rescue by releasing a tool called Norton User Account Control which will replace parts of the Windows Vista UAC system. The good thing about Norton UAC tool is it allows you to whitelist programs so that you will not be prompted by the UAC warning on the allowed software. However the Norton UAC tool was never publicly released nor updated to work with Windows 7 maybe due to Microsoft decided to fine tune and polish the UAC in Windows 7.
UAC in Windows 7 isn’t any better either. As a power user, I find UAC really annoying and it is the first thing that I disable after installing Windows 7. The only reason I kept the UAC enabled on my test system is because I want to simulate normal user’s computer when I am doing research or testing some software. Don’t get me wrong, UAC does help a bit in protecting the computer although a lot of malware already comes with UAC bypass mechanism. If you would like to keep UAC enabled but run some programs without the UAC prompt in Windows 7, here is a software called UAC Trust Shortcut where it allows you to disable User Account Control for a specific application, by defining a trusted shortcut.
I had to test the UAC Trust Shortcut software extensively to fully understand how it really works. After installing UAC Trust Shortcut, a UAC Trust Shortcut Tray Manager will be added to Windows startup and sits in notification area. It doesn’t really do anything other than providing a convenient way for you to start the service and trusted shortcut creator.
To create a trusted shortcut, right click on the UAC Trust Shortcut tray icon and select “Open UAC Trust Shortcut 1.0″. A window will appear where you can add the name of the program that you want to whitelist, browse for the program and click the Add now link. The trusted shortcut will be added to Desktop and you can now run the program from the trusted shortcut without getting the UAC prompt. As easy as it seems, there is actually an additional step where it must be done or else the trusted shortcut will always prompt the User Account Control warning.
You need to manually start the background service (tracer.exe) from the UAC Trust Shortcut Tray Manager (which requires the UAC elevation) every time you restart, or log off Windows. This is only required once in every Windows session and then you can launch as many trusted shortcuts you want without getting the UAC prompt. The tracer.exe is the important main process where it needs to be running in order for any software that you want to run without the UAC prompt. Be informed that you should not attempt to run the tracer.exe directly from C:\Program Files\ITknowledge24\ or else you will get an endless loop of launching the program when you run any shortcut that invokes. I found that the UAC Trust Shortcut tool doesn’t support command line arguments and it doesn’t work with batch files as well which I thought I could call a program with arguments.
UAC Trust Shortcut is free and works on both Windows 7 32-bit and 64-bit. Just make sure you download the correct version or else the setup will fail to install.
I use the Microsoft Application Compatibility Toolkit. Guide: wintuts.com/Disable-UAC-for-certain-applications
@Chump2012 I much prefer my firewall, HIPS and antivirus, yes there may be loads of prompts when you first start a program but after you’ve whitelisted it that’s it. UAC will continue to nag you about starting the program, EVERY. SINGLE. TIME. It’s just plain annoying.
It is amazing to me, that so many people have Host Intrustion Prevention Systems, use complicated firewalls like Comodo and the like, which give you loads and loads of prompts, and yet still maintain that UAC sucks. All UAC is to me is a simple elevation command. Almost every Linux distro has that (access to Root), Apple has it too in their operating systems. Yet for some reason, everyone complains that UAC sucks. What makes this worse, is often these are the same people advocating complicated security setups where you have to deal with any number of prompts.
UAC is awesome for a number of reasons:
1) Allows you to browse as a standard user which helps prevent a lot of malware and drive by downloads.
2) Forces programmers to stop being so lazy and trying to always give their programs administrative rights, when its not needed.
3) Allows you to be aware when something could potentially be changing the system.
Theoretically UAC is supposed to keep a computer safe by preventing a lot of malware and drive by downloads but unfortunately it is flawed and there are ways to bypass it. Malware coders has already discovered this long ago and in fact I have written an article about that.
So it means that UAC is not effective, which is why many people have HIPS, firewalls and etc. Makes sense?
@raymondblog:disqus
Default settings for UAC I agree can be bypassed. At the top level though, its much stronger and difficult to bypass. Its not foolproof, but then no security solution is. We don’t discard a layer of security just because its not infallible.
I am not saying its not annoying sometimes. I am saying, that experts should not suggest to users to discard it. If a user knows enough on how to disable it, on how to survive without it, sure they can do so. However, most novices are better off having it on than discarding it and running as full admin.
@ZappedSparky:disqus
Programmers got lazy in the NT and XP years, which is why they kept on using admin admin admin all the time. There was never any call for it, which is why now I am so pleased that Microsoft introduced this feature. Its another security layer in a secure system.