User Account Control (UAC)

Basic Understanding

UAC relies on access token which conains the information about the level of access that the user is granted. There are two types of access token we need to know for UAC:

  1. Adminstrator access token

  2. Standard user access token

By default, all apps run as standard user access token. The UAC will be involved, only if the app is going to perform administrative task and the existing token does not have the required level of access.

Example of logon process, copied from docs.microsoft.com

Reference

LogoUser Account Control Group Policy and registry key settings (Windows) - Windows securitydocsmsft
LogoHow User Account Control works (Windows) - Windows securitydocsmsft
LogoUser Account Control security policy settings (Windows) - Windows securitydocsmsft

PreviousFRIDA for iOS app penetration testingNextUAC Bypass

Last updated

Was this helpful?