An administrator account in Vista is essentially an "admin user on
demand" at program-level granularity.
So, programs that do not prompt are semantically running in a standard
user account, while programs that do prompt are running with all the
privileges assigned to your admin account.
However, when logged in as an administrator, both admin programs and
non-admin programs are running inside of your admin user profile.
There are not really two different accounts here, it is just pretend.
This is different than when logged in as a standard user. When logged
in as a standard user, programs that don't need admin power run inside
of your standard user profile.
However, when you run an admin program from inside a standard user
account, the admin program is running inside the profile of the admin
user account that you authenticated with in the credentials prompt.
This makes running as a standard user and elevating-on-demand to a
seperate administrator account more secure, since the profiles are
seperated (this can prevent certain types of attacks).
Also, this extra seperation can cause progam compatability issues as
well, although UAC does try to mitigate these as best as possible.
It's hard to say how much extra security you get from running in a
standard user vs. administrator on vista this early in the game.
Microsoft MVP - Windows Shell
Windows Vista Support FAQ - http://www.jimmah.com/vista/
On Wed, 16 May 2007 09:16:29 +0100, "Steve Thackery"
>I'm happy with UAC, and unlike most people don't object to Windows telling
>me when something potentially risky is about to happen.
>However, at the moment I've set my account up as an Administrator so I don't
>have to type the admin password into the UAC prompt each time.
>Are there any security risks doing this? I seem to think that even
>Administrator level accounts run in non-Administrator mode most of the time,
>which is why I thought it would be OK.