Windows
  • Introduction
  • General
    • Users
    • SAM database
  • Filesystem
    • NTFS
    • Finding files
  • Services
    • sc
  • Registry
    • reg
  • Registry Editor (GUI)
  • Access control & Permissions
    • icacls
  • User Account Control (UAC)
  • Powershell
    • Get-ChildItem
    • whoami
  • 🔍Active Directory (AD)
    • Domain Controller (DC)
    • Domain Service (AD DS)
      • Security groups
      • Organizational Units (OUs)
      • Security groups vs OUs
    • Authentication methods
      • Kerberos
      • NetNTLM
Powered by GitBook
On this page
  • User types
  • Access token

User Account Control (UAC)

PreviousicaclsNextGet-ChildItem

Last updated 3 days ago

User Account Control (UAC) is a key part of Windows security. UAC reduces the risk of malware by limiting the ability of malicious code to execute with administrator privileges.

User types

There are 2 types of user accounts, namely the standard user, and administrator.

Access token

When a user logs on, there will be an access token created. The process varies slightly between the 2 user types described above.

a) Standard user logon: Only the standard user access token will be created for the user.

b) Administrator logon: Two access tokens: standard user, and full administrator access tokens will be created for the user.

By default, all of the applications will be ran with the standard user access token (even for administrators). This is to reduce the risk of damage in the event of a malware infection. However, certain applications may require higher administrator privileges, and can be ran with the full administrator access token via a prompt.

For more information on the specific prompts, refer to the official Microsoft documentation from the link above.

LogoHow User Account Control works - Windows SecurityMicrosoftLearn