• Vista Wallpapers
• Windows Wallpapers

According to Scott Charney, vice president of Microsoft's Trustworthy Computing Group, UAC was designed to give users more control over the applications they run and help them make better security decisions by providing them with more information.

However, the main problem with Vista's UAC, according to Charney, is that it prompts the user far too often.

"Clearly there has to be work done on UAC user prompts, where users get prompts at times they don't necessarily expect it — and it's not intuitive. The challenge is — as with many of these things when we try to give users control — if you give people too many prompts in too many situations, they view it as an impediment," Charney told ZDNet.com.au yesterday at the AusCERT security conference on the Gold Coast.

Mikko Hypponen, F-Secure's chief research officer, said although security features in Windows Vista are impressive, UAC remains a problem.

"There's not much we can criticise in Vista's security. Microsoft did a good job. UAC is not a bad idea by itself, but I don't see any way you could implement it in a way so it doesn't buck the user," said Hypponen.

In a recent survey, security vendor PC Tools discovered that out of 1,000 Vista-based PCs, 639 had been infected by malware in the previous six months. The company's managing director Simon Clausen blamed the high rate of infection on users that had switched off UAC because it was so annoying: "The majority of machines we see have UAC turned off if the user knows how to do it," he said.

The difficulty with UAC, according to F-Secure's Hypponen, is that Microsoft assumes the user should have administrator rights, an issue that Mac- and Linux-based systems dealt with a long time ago.

"Most Linux installations will say that you must create a user account. The big difference between a Mac and Vista is that, by default, on a Mac, you're not an administrator. On a Mac you only get prompted for root password when you're installing an application. Under Vista this happens a lot more because you have admin rights, so the UAC pops up often. Vista installation should end with [mandatory creation of] a user account with user access rights, not administrator rights," said Hypponen.

Microsoft's Charney said that UAC was Microsoft's first attempt to break away from its tradition of users being an administrator by default.

"Part of the reason UAC exists is we've been pushing people to the standard computing model. When you're an administrator on a machine, you have these all-powerful rights that also allow malware to do bad things. Increasingly we want people to be standard users.

"At the same time, there are times you need to be elevated to administrator to install programs. UAC was an attempt to say let's run a standard but when you need a higher level of privilege, rather than doing that silently, let's involve the user in that decision. Clearly we have to do more work in this area," Charney added.