Video: Why administrative accounts are actually Limited User Accounts in Vista

For years, Microsoft and its customers have been battling the problem of drive-by malware. What is drive-by malware? For the most part, it's the sort of malware that takes advantage of systems where the user is logged in with administrative privileges. Until Vista came along, being logged into Windows as an administrative user afforded some forms of malware the same umimpeded rights to the entire system that the user himself (or herself) had. This made it easier for malware to drive by and install itself.

At first, the answer was thought to be simple: get the word out not to run Windows as an administrative user. In other words, run it under a Limited User Account (or LUA). LUA's can't install software. That way, when some piece of drive-by malware tries to install itself while a system is running under an LUA, it can't inherit the rights it needs to complete the installation. Only there was a problem: running Windows (including XP) under a LUA broke a lot of software. I witnessed this myself with the gaming software that my son uses.

Enter Windows Vista. Vista has a security feature that attempts to offer the best of both worlds. In the event that your software runs fine under a non-administrative account, then you have nothing to worry about (as was the case with Windows XP). If it doesn't (in other words, if the application needs administrative access for some reason), Vista accomodates that in two ways: first, it allows a normal LUA or standard user to supply the administrator's credentials when the application installs itself. Second, it does a neat trick with any files the application tries to install in sensitive areas by virtualizing them so they don't really install there. When the application tries to use or open those files as though they were in the sensitive area, it thinks they're there. But in reality, they're not. Vista is smart enough to put them on your hard drive in a place where they can't cause the harm they might have caused if they were loaded into certain sensitive areas.

Finally, but just as importantly, what if, rather than being logged in as a standard user, you're logged in as one with administrative privileges. This is where one of the key security improvements of Vista over Windows XP comes in. Even if you're logged in as an administrative user, attempts at installing software (be it legitimate or drive-by malware) are still treated as though you're running under an LUA. It doesn't ask for administrative credentials. But it does double check with you before it allows the software to install itself. Recently, I wrote a detailed post that included an image gallery showing what this process looks like in action.  In my most recent video, I take to the whiteboard with some stinky magic markers to explain how this all works.