Skip to Content

Windows 7 vs Windows Vista: the UAC Benchmark

Tue, 08/04/2009 - 18:47 — Ciprian

logo uacOne of the most hated features of Windows Vista is the User Account Control, or UAC in short. Many people found it annoying and chose to disable it right away, even if this meant exposing their system to additional security threats. In Windows 7, Microsoft has seriously changed this feature. Now users have a lot more control over it and how it works and it should provide a better user experience. To see how much improvement this means in numbers, I have run a comparison between the default Windows Vista and Windows 7 UAC levels. Let's see which one wins and why.

Benchmark Description: What I Tested

First, I searched for the list of all tasks which require administrative privileges which can trigger an UAC prompt. I started with this list of items which trigger User Account Control prompts from Ed Bott and customized it a bit to be as relevant as possible for both Windows 7 and Windows Vista.

The list of tests I ran is the following:

  • Running an application as an Administrator - I ran random applications as an administrator, by right-clicking on their shortcuts and choosing 'Run as administrator'. This is done when you need to use older applications, compatible only with Windows XP, and which need access to system files and settings.
  • Changes to files and folders in the Windows and Program Files folders - I tried to edit random system files found in both Windows and Program Files folders. I also tried to create new folders and then delete them.
  • Installing applications -I installed several applications, from CD burners to browser plugins and antivirus software.
  • Uninstalling applications - I uninstalled the same list of applications used in the installation exercise.
  • Installing & uninstalling device drivers - in order to test this, I installed drivers for all the components in my PC and then I uninstalled them.
  • Installing ActiveX controls - for this test I used the ActiveX from Nvidia's driver download page.
  • Changing settings for Windows Firewall - with Windows Firewall enabled, I customized some of its settings and rules.
  • Changing UAC settings - for this test I turned on and off the User Account Control feature.
  • Configuring Windows Update Settings - I changed the Windows Update settings.
  • Adding or removing user accounts - I created and deleted multiple user accounts, both as standard users and administrators.
  • Changing a user’s account type - this test involved changing the type for one of the test accounts from standard to administrator and vice-versa.
  • Configuring Parental Controls - for this test I set different Parental Controls rules for different user accounts.
  • Running Task Scheduler - this test is pretty weird. In Windows Vista, if you run the Task Scheduler from Start Menu -> Accessories -> System Tools, no UAC prompts are shown. However, if you run it from Control Panel -> System and Maintenance -> Administrative Tools, you do get an UAC prompt. Therefore I ran the shortcut from the Control Panel in both Windows Vista and Windows 7.
  • Backup & Restore Files and Settings Using Backup & Restore or Windows Easy Transfer - I used both tools to backup and restore user data and settings.
  • Viewing or changing another user’s folders and files - this meant browsing through another user's folder, adding and removing files and folders.
  • Running Disk Defragmenter - I ran this tool to defragment several drives
  • Changes to system-wide settings - I changed different settings in the Control Panel applets, including security policies.

All these tests were run with the default UAC levels. In Windows Vista this means having UAC turned on while in Windows 7, it means having it turned on and set to 'Notify only when programs try to make changes to my computer'.

Test Results

The test results are summarized in the table below.

UAC Prompts Statistics

In Windows Vista, an UAC prompt is triggered in all 17 scenarios. In Windows 7, in only 5.5 of them. The half of point was assigned due to the fact that, when uninstalling some applications, Windows 7 can show an UAC prompt. This happens only when you uninstall applications which modify important system settings. In the tests I ran, only the uninstall of the Microsoft Silverlight plugin triggered an UAC prompt, while all other applications did not. Depending on what type of applications you are working with, you might never encounter an UAC prompt when uninstalling an application.

As you can see in the graph below, in Windows 7 you will not encounter UAC prompts in at least 11 of the scenarios where Windows Vista triggered one.

UAC Prompts Statistics

This means a reduction of approximately 67%, depending on how you use your PC and which are the most common tasks you perform.

Conclusion

When it comes to the UAC Benchmark, Windows 7 wins easily and with a huge difference in its favor. It seems that Microsoft has paid attention to user feedback and has seriously tweaked this feature. UAC is now a lot less annoying than it was in Windows Vista and users will have a better computing experience. The only question that remains: is the new UAC implementation as secure as the previous one? Time will tell if that's the case or not.

Related articles:

What is UAC & Why You Should Never Turn It Off
How To Change User Account Control (UAC) Levels

Share this

Comments

Some of the tests are not

SamC (not verified) - 08/05/2009 - 01:42

Some of the tests are not really valid comparisons... e.g. task scheduler. Did you create a non-logged in program startup for example? The control panel task scheduler in vista sounds like the shortcut is set to run elevated so you can do a startup task.

Parental controls - if they are protected by a password of some sort anyway then you don't need UAC as well but if they are not, removing UAC is a bit of an issue isn't it?

Apart from that sort of stuff, interesting article.

Creating any kind of task

Ciprian - 08/05/2009 - 19:27

Creating any kind of task works, no matter how you start the task scheduler.

Regarding Parental Controls - i really do not get your point. Can you please explain better?
What does a password have to do with Parental Controls and UAC?
If you setup Parental Controls rules in Windows Vista, it always shows up an UAC prompt. The same done in Windows 7, with the default UAC level on, doesn't trigger an UAC prompt. That's what our test is saying.

RE: parental controls - they

SamC (not verified) - 08/07/2009 - 04:49

RE: parental controls - they are useless if anyone with any credentials can alter them right? I'm curious what sort of enforcement/protection is used for them? Is it a role required? I have never used it personally.

Also regarding creating tasks, if you want to auto-start a program that requires elevation for example, then I would expect the scheduler to ask you for a prompt when setting it up. And to not request elevation if the task does not require it. I guess my question is more to clarify ambiguity.

Regards,
SamC

Would have been nice if MS

Id10TError (not verified) - 03/30/2010 - 04:06

Would have been nice if MS had decided to include basic 'rules' with uac allowing users to give permissions to applications, just think i could give winamp 'permission' to write to its own directory or give another app permission to modify Registry:HKLM. This would have been a great help to many users out there and the permission box could have included a 'remember this approval' so users would only have ever seen the box on a per need basis as apposed to a per use basis. That said for winamp i just change its folder(in program files) permission to 'all users'. Despite my complaint i like to know when somthing new tries to 'pull' somthing and the chance to VITO it is excellent.

I don't really get how this

Godwin (not verified) - 04/11/2010 - 18:22

I don't really get how this is a benchmark. Since they both work the same if they have the same settings. Your benchmark is just testing settings.

What I really want to know is what are the true differences between Vista UAC and Windows 7 UAC?

This benchmark tells what you

Ciprian - 04/11/2010 - 20:05

This benchmark tells what you want to know: the difference between Windows Vista UAC and Windows 7 UAC. The system/thinking behind UAC is the same. The difference is in the number prompts you receive and when.

What I don't understand is

Adrian (not verified) - 05/01/2010 - 01:57

What I don't understand is why Windows 7 always prompts for username and password in a UAC prompt, when Vista just gave an are-you-sure-style confirmation dialog. I really didn't mind Vista's UAC, but after a day with Windows 7, I'm suffering from password fatigue.

The UAC dialogue does not ask

Ciprian - 05/01/2010 - 13:38

The UAC dialogue does not ask for a username and password, unless you are logged with a user which is not admin. If your user is set as administrator, you just need to click on Yes.

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

More information about formatting options



Theme by Dr. Radut.