Share via

The Windows Security Model


Windows Vista introduced a new security model for user accounts. This model, also used in Windows 7 and Windows Server 2008, provides a more secure and trustworthy environment.

Like Windows XP, the new security model includes standard user accounts and administrator accounts. However, these two account types are now implemented and used in a more secure way. On Windows XP, if you ran under an administrative account, you had administrative privileges at all times. If you ran under a standard account, you did not have administrative privileges. The only way for a standard user to gain administrative privileges was to use the Run As command and select an administrator account.

On Windows XP, many users would run as administrator at all times, even when they performed routine, non-administrative tasks that did not require administrative privileges. The result was a vulnerability that could be exploited by malicious software.

The new security model does not grant administrative privileges at all times. Even administrators run under standard privileges when they perform non-administrative tasks that do not require elevated privileges. The result is greater security because users are no longer running with unnecessary privileges that can be maliciously exploited. This feature is known as User Access Control, or UAC.

By default, the operating system now runs in Admin Approval Mode. In Admin Approval Mode, the UAC dialog box appears every time that you try to perform an action that requires administrator privileges, whether you are running as a standard user or an administrator. If you are running as a standard user, the UAC dialog box prompts you to enter an Administrator account name and password, which are required to continue. If you are running as an administrator, the UAC dialog box asks you to confirm that you want to perform the procedure using you current administrator credentials. It also gives you the option of entering a new administrator account and password to continue using.

For more information about the new security model, see:

See Also

Set Up the Remote Tools on the Device