Avoid UAC prompts by using an elevated program launcher

See Avoid UAC prompts by using an elevated program launcher | Wilders Security Forums.

It troubles me that people try to circumvent their own system security instead of tailoring the settings for their needs.
If they hate UAC so much, why not simply disable it?
Outside of the above question, this sounds more like a method to hack someone’s computer locally.

Turning off UAC would, among other things, turn off Protected Mode in Internet Explorer and file/registry virtualization.

Regarding malware being able to take advantage of programs running elevated:
a) UAC prompts are bypassed only when launching programs via the program launcher, not in general. Is it likely that malware would take advantage of this? I doubt it, but maybe I’m wrong.
b) Malware could indeed try to take advantage of programs already running elevated. User Interface Privilege Isolation, introduced by Vista, doesn’t protect against everything. This is also the case for any program that’s running elevated - i.e. it’s not limited to this particular method.

My intention is to give folks who are currently always running as admin a vision of how to instead run as a standard user without the hassle of switching to an admin account to do admin activities. Assuming UAC is enabled, I believe that this method is likely to be safer than always running as admin, but isn’t as safe as using a standard account for normal activities and switching to an admin account to do admin activities. I typically switch to an admin account when doing admin activities.

It is correct that this method should not be used with an untrusted user.

They can’t enter the Admin password to confirm elevated privs?
Having a bypass program running would allow anyone using a standard user account to bypass UAC.

Yes, that’s correct. This method shouldn’t be used in a standard account with a user that’s not trusted to use the power wisely and benevolently. In my case, I am the only user of the machine.

That being the case, why not simply disable UAC?

Disabling UAC basically results in a return to the Windows XP security model. Here are some consequences of disabling UAC:

a) When using standard account:

  • loss of protective benefits of mandatory integrity control using integrity levels, including User Interface Privilege Isolation and Protected Mode of Internet Explorer
  • poorer application compatibility due to disabling of file and registry virtualization
  • loss of UAC prompt when a program isn’t working due to lack of admin rights, which lets the user know why the program failed; some programs will give an informative error message at such a failure, but some won’t
  • loss of ability to elevate programs through UAC
  • switching to admin account to do admin activities is more dangerous (see below)

b) When using admin account:

  • programs run with full admin token by default, including Internet Explorer
  • poorer application compatibility due to disabling of file and registry virtualization
  • system compromise by malware will be done without any UAC prompt

The elevated program launcher method does work in a standard account with UAC disabled, and also in a limited account in Windows XP.

Start Menu 7 (http://www.startmenu7.com) is a free program launcher that uses your existing Start menu shortcuts. Turn off the option to replace the Start menu, and launch elevated programs from the tray icon :).

UAC is just a little minor annoyance. MS put it there to protect newbs and our Grandparents from messing up the works. But for those of us who know better there is always Sysinternals' RunAs different user, which works great in Vista & Win7 32/64. All it does is put an option in your context menu to run as a different user, much like the run as Admin does. I use it more because I can run as ANY USER I choose. There is also a brilliant little proggie called Runasspc that will give you the ability to set up any program to run as admin by using a crypt file, and you can run as local or domain if you are in a domain. I set up certain programs with it to run elevated if I need them to, but I leave the password blank for programs I want to stop others from elevating. Let's face it, there are just some programs that you need at startup that need elevated privileges, and this works. Programs such as EVGA’s precision utility. But I always leave the UAC on. It does not hurt. After being a System Admin at my previous company I don’t want anyone to run without it. It keeps down the repair costs. But as an admin I want the ability to work around it when needed.
Why would anyone want to log on as Admin? Holy cow! In this day and age!!!
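
The following is an added example, not part of any post in this thread: a read-only PowerShell check of the state the discussion turns on (whether UAC is enabled, how prompts behave, whether file/registry virtualization is on, and the integrity level and admin status of the current session). The function name `Get-UacPosture` is hypothetical, the registry value names are the standard UAC policy values, and Windows PowerShell 3.0 or later is assumed.

```powershell
# Added example (not from the thread): read-only report of UAC policy and token state.
# Get-UacPosture is a hypothetical name; requires Windows PowerShell 3.0 or later.
function Get-UacPosture {
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $pol = Get-ItemProperty -Path $key

    # whoami reports the process integrity level as a group with SID S-1-16-<RID>.
    # /nh drops the (localized) header row so fixed column names can be supplied.
    $levels = @{ '4096' = 'Low'; '8192' = 'Medium'; '12288' = 'High'; '16384' = 'System' }
    $label = whoami /groups /fo csv /nh |
        ConvertFrom-Csv -Header Name, Type, SID, Attributes |
        Where-Object { $_.SID -like 'S-1-16-*' } |
        Select-Object -First 1
    $rid = if ($label) { ($label.SID -split '-')[-1] } else { $null }
    $integrity = if ($rid -and $levels.ContainsKey($rid)) { $levels[$rid] } else { "Unknown ($rid)" }

    # True only when the Administrators group is enabled in this token, i.e. the
    # process holds a full admin token rather than the filtered one UAC hands out.
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    $role = [Security.Principal.WindowsBuiltInRole]::Administrator
    $fullAdmin = (New-Object Security.Principal.WindowsPrincipal($id)).IsInRole($role)

    $warnings = @()
    if ($pol.EnableLUA -ne 1) { $warnings += 'UAC is disabled: no filtered token, no file/registry virtualization, no IE Protected Mode.' }
    if ($pol.ConsentPromptBehaviorAdmin -eq 0) { $warnings += 'Administrators elevate without any prompt.' }
    if ($pol.ConsentPromptBehaviorUser -eq 0) { $warnings += 'Elevation requests from standard users are denied automatically.' }
    if ($fullAdmin) { $warnings += 'This session already holds a full admin token; child processes inherit it.' }

    [pscustomobject]@{
        UacEnabled         = ($pol.EnableLUA -eq 1)
        AdminPromptMode    = $pol.ConsentPromptBehaviorAdmin
        StandardPromptMode = $pol.ConsentPromptBehaviorUser
        SecureDesktop      = ($pol.PromptOnSecureDesktop -eq 1)
        Virtualization     = ($pol.EnableVirtualization -eq 1)
        IntegrityLevel     = $integrity
        FullAdminToken     = $fullAdmin
        Warnings           = $warnings
    }
}

Get-UacPosture | Format-List
```

Run from a normal session, a standard user or an unelevated admin with UAC on should show `IntegrityLevel : Medium` and `FullAdminToken : False`; a program started through an elevated launcher would report `High` and `True`.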