Understanding and Configuring User Account Control in Windows VistaEnterprises today face a daunting task of enforcing desktop standardization. This challenge is intensified since the majority of users run as local administrators on their computers. As a local administrator, a user can install and uninstall applications and adjust system and security settings at will. As a result, IT departments often cannot gauge the holistic health and security of their environments. In addition, every application that these users launch can potentially use their accounts’ administrative-level access to write to system files and the registry and to modify system-wide data. Common tasks like browsing the Web and checking e-mail can become unsafe in this scenario. In addition, all of these elements increase an organization’s total cost of ownership (TCO).IT departments must be given a solution that is both resilient to attack and protective of data confidentiality, integrity, and availability. For this reason, the Microsoft® Windows VistaTM development team chose to redesign the way that the Windows core security infrastructure and applications interact. User Account Control (UAC) was the outcome of this redesign process.