We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
79,714 News Articles

Microsoft tweaks Vista security

Makes it less cumbersome for users

Bowing to criticism, Microsoft plans to modify a key new security feature in its upcoming Windows Vista operating system to make it less cumbersome for users.

The current implementation of the UAC (User Account Control) feature in Vista triggers too many pop-up boxes, requiring users to click on them to confirm things as simple as running regular programs, Steve Hiskey, lead program manager for UAC in Microsoft's Windows Security Core group, acknowledged in his blog on the MSDN website.

According to the 1 June entry, Hiskey said that the next beta release of Windows Vista, RC1 (Release Candidate 1), will reduce the number of security prompts users will face by creating safe scenarios for Standard User accounts. Microsoft will create fixes, called "shims", for applications that don't easily run as a standard user.

Vista RC1, originally set for mid-July, is now slated for 25 August.

Current versions of Windows, including Windows XP, grant logged-in users full administrator rights over all software and processes by default.

By contrast, operating systems considered more secure, such as Linux, tend to have users and software running at a "nonroot" level, meaning that malware or hackers that successfully take over some application or process are hemmed in and can't do as much damage.

UAC was designed to reduce the ability of hackers and malware to take control of systems by forcing users to confirm that they intended to perform key administrative tasks. But the current implementation evidently not only "annoyed" users, said Michael Gartenberg, an analyst at Jupiter Research, but it is likely caused them to start clicking "yes" on prompts without reading them.

"If you have too many locks on the front door, after a while, you may eventually stop using them," he said.

Gartenberg said that Microsoft's strategy in Beta 2.0 was likely to "make things as locked down as secure, and then figure out in what areas they could tone it down. It's better to do it this way than to do it in reverse."

"Microsoft was going to get flack no matter which way they approached it," he said. "Part of being Microsoft is that you get flack."


IDG UK Sites

Samsung Galaxy Tab S 8.4 review: The best iPad mini and Nexus 7 rival tablet around

IDG UK Sites

Which Mac? Complete Apple Mac buyers guide for 2014

IDG UK Sites

Mobile email is powerful and useful - but also hopelessly intrusive

IDG UK Sites

Samsung lights up London skyline with Midnight Rainbow