After seeing it written about so wrongly so often, Roger Grimes decided it’s time to simply spell out as accurately as he can exactly what Microsoft’s UAC is — and what it is not. “The problem [UAC] is trying to solve is that too many Windows users are logged on with elevated user accounts all the time, when they do not need to be elevated for much of what they were doing,” Grimes explains in UAC in a nutshell. “Not being logged on with elevated access all the time would significantly reduce the risk of current client-side attacks.” Whereas previous Windows versions have not simplified the task of making sure that users are not logged in with elevated accounts, Microsoft aims to change that with Windows Vista, and UAC specifically. “The merits of UAC compared to other competitors’ alternatives, such as Su or Sudo, can be debated, but I can tell you that UAC works.”