User Account Control (UAC) is a Windows security mechanism that intercepts requests from programmes seeking elevated permissions. When a programme attempts to access sensitive system areas, install software, modify registry entries, or alter protected files, UAC displays a prompt asking for your explicit approval.
UAC operates on the principle of least privilege. By default, standard user accounts run with restricted permissions, and even administrator accounts execute programmes in a limited state. Only when a programme requests elevated (admin-level) privileges does UAC intervene, asking you to confirm the action.
How it works in practice:
- You launch a programme that needs admin rights
- Windows detects this requirement and displays a consent prompt
- You approve the elevation or cancel the action
- The programme either runs with full permissions or fails
Why it matters: UAC protects against malware and accidental system damage. Without it, any programme you run could secretly modify system settings, steal data, or compromise security. The prompt creates a deliberate checkpoint where you authorise potentially risky changes.
Common issues: UAC prompts can feel repetitive, leading some users to disable the feature entirely. This is risky and not recommended. Instead, adjust UAC settings to medium sensitivity in Windows Settings under User Account Control. You can also whitelist trusted programmes using Group Policy (on Windows Pro and Enterprise editions), which prevents repeated prompts for known-safe applications.
If a programme requests elevation suspiciously often or without obvious reason, investigate its legitimacy. Legitimate software rarely requires constant admin access.