|
|
|
|
|
|
by noyoudumbdolt
1250 days ago
|
|
|
First, a bit of pedantry: UAC is not a security feature. https://devblogs.microsoft.com/oldnewthing/20160816-00/?p=94... . It just works to encourage developers to make their software work without an elevated token. The security feature is Windows administrator accounts running apps with non-elevated tokens by default. Protecting local administrator tokens is also kind of a useless security feature these days. What are you worried about? Data theft? Ransomware? Trojans? Credentials theft? All of those can be done just fine with only standard user permissions, without an administrator token. OTOH, you need an elevated token to install device drivers or whatever. |
|
|
Generally admins tend to be most worried about central databases or user visible services being compromised. Compromising an user account is a necessary step to get there, often enough.