Windows Vista 's User Account Control has come under further criticism . We've previously reported the control - designed to prevent software running in Administrator mode without permission - can be circumvented.
White hat hacker Joanna Rutkowska praises User Account Control (UAC), but warns there are problems. If you run an installation file, you need to give it permission to run.
"That means that if you downloaded some freeware Tetris game, you will have to run its installer as administrator, giving it not only full access to all your file system and registry," Rutkowska wrote.
So the problem is actually down to the user giving access to the wrong apps. And such user ignorance a big problem for security.
Mark Russinovich, a Microsoft TechNet blogger, says that UAC works because it "creates an alternate model where all users, including administrators, run with standard user rights." Russinovich argues in detail about the merits of UAC and why it is the right method for enhancing security in Vista.
Rutkowska agrees that UAC is the right way to go.
"The fact that such a design change has been made into Windows is, without doubt, a great step towards securing consumer [operating systems]."