Keeping Windows 8.1 Safe and Secure

  • 11/15/2013
Contents
In this chapter from Windows 8.1 Step by Step, you’ll learn how the UAC works, how to tweak it, and why you should never turn it off. In addition, you’ll learn the basics of working with Windows Firewall to secure your network and Internet traffic and about the new and improved Windows Defender and how to use it to keep your system safe from viruses and spyware. Finally, you’ll learn how to improve your passwords to make it more difficult for unwanted people to use the Internet to access your Microsoft account, your email, and other important accounts.

Chapter at a glance

Change

httpatomoreillycomsourcemspimages1855110.jpg

Click to view larger image

Change the UAC level, page 417

Work

httpatomoreillycomsourcemspimages1855111.png

Work with Windows Firewall, page 419

Restore

httpatomoreillycomsourcemspimages1855112.png

Click to view larger image

Restore Windows Firewall settings to their defaults, page 431

Use

httpatomoreillycomsourcemspimages1855113.jpg

Click to view larger image

Use Windows Defender to secure your system, page 433

IN THIS CHAPTER, YOU WILL LEARN HOW TO

  • Understanding the UAC

  • Using the Windows Firewall

  • Using Windows Defender

  • Improving your password habits

Security is very important in the modern era of computers and devices. Microsoft has spent quite a bit of effort to enhance the security provided by Windows 8.1. This operating system offers improved versions of all its main security tools: User Account Control (UAC), Windows Firewall, and Windows Defender.

In this chapter, you’ll learn how the UAC works, how to tweak it, and why you should never turn it off. In addition, you’ll learn the basics of working with Windows Firewall to secure your network and Internet traffic and about the new and improved Windows Defender and how to use it to keep your system safe from viruses and spyware. Finally, you’ll learn how to improve your passwords to make it more difficult for unwanted people to use the Internet to access your Microsoft account, your email, and other important accounts.

PRACTICE FILES

You don’t need any practice files to complete the exercises in this chapter. For more information about practice file requirements, see the section “Using the practice files” In the Introduction of this book.

Understanding the UAC

The UAC is a security feature that was introduced in Windows Vista and improved in all subsequent versions of Windows. It is present in Windows 8.1, as well, and it helps prevent unauthorized changes to your computer. These changes can be initiated by users, apps, viruses, or other types of malware. UAC ensures that these changes are made only with approval from the administrator of the computer. If these changes are not approved by the administrator, they will never be executed, and the system will remain unchanged.

Unlike in Windows XP, desktop apps in Windows 8.1 do not run with administrator permissions and consequently cannot make any automatic changes to the operating system. When a desktop app wants to make system changes such as modifications that affect other user accounts, modifications of system files and folders, or installation of new software, UAC prompts the user to ask for permission.

httpatomoreillycomsourcemspimages1855114.png

If the user clicks No, the changes won’t be performed. If the user clicks Yes, the app receives administrator permissions and makes the system changes it is programmed to make. These permissions will be granted until it stops running or is closed by the user. The next time it runs, it starts without receiving any administrator permissions.

To illustrate this process, the UAC algorithm is explained in the following diagram.

httpatomoreillycomsourcemspimages1855115.png

Click to view larger image

Many changes require administrator privileges and, depending on how UAC is configured on your computer, they can cause a UAC prompt to ask for permissions. Here are those changes:

  • Running a desktop app as an administrator

  • Changes to system-wide settings or to files in the Windows and Program Files folders

  • Installing and uninstalling drivers and desktop apps

  • Installing ActiveX controls

  • Changing settings to Windows Firewall

  • Changing UAC settings

  • Configuring Windows Update

  • Adding or removing user accounts

  • Changing a user’s account type

  • Configuring parental controls

  • Running the Task Scheduler

  • Restoring backed-up system files

  • Viewing or changing the folders and files of another user account

  • Changing the system date and time

If UAC is turned off, any user and any desktop app can make any of these changes without a prompt for permissions. This would make it possible viruses and other forms of malware to infect and take control of your system more easily than when UAC is turned on.

When using Windows Store apps, UAC is never triggered because, by design, these apps cannot modify any system settings or files. Therefore, UAC prompts are displayed only when working with desktop apps.

Windows 8.1 has four UAC levels from which to choose. The differences between them are described in the following.

  • Always Notify. At this level, you are notified before desktop apps make changes that require administrator permissions or before you or another user changes Windows settings. When a UAC prompt appears, your desktop is dimmed, and you must choose Yes or No before you can do anything else on your computer.

    Security Impact: This is the most secure setting but also the most annoying. If you do not like the UAC implementation from Windows Vista, you won’t like this level either.

  • Notify Me Only When Apps Try To Make Changes To My Computer (Default). This is the default level; it only notifies you before desktop apps make changes to your computer that require administrator permissions. If you manually make changes to Windows, UAC doesn’t notify you. This level is less annoying because it doesn’t stop the user from making changes to the system; it only shows prompts if an app wants to make changes. When a UAC prompt appears, the desktop is dimmed, and you must choose Yes or No before you can do anything else on your computer.

    Security Impact: This is less secure because malicious desktop apps can be created that simulate the keystrokes or mouse moves of a user and change Windows settings. However, if you are using a good security solution, these scenarios should never occur.

  • Notify Me Only When Apps Try To Make Changes To My Computer (Do Not Dim My Desktop). This level is identical to the preceding one except that when a UAC prompt appears, the desktop is not dimmed and other apps might be able to interfere with the UAC dialog box.

    Security Impact: This level is even less secure because it is easier for malicious desktop apps to simulate keystrokes or mouse moves that interfere with the UAC prompt. Again, a good security solution can compensate for the slight decrease in security.

  • Never Notify. At this level, UAC is turned off and offers no protection against unauthorized system changes. Any user or desktop app can make system changes without any prompts for permission.

    Security Impact: If you don’t have a good security solution, you are very likely to have security problems. With UAC turned off, it is easier for malicious desktop apps to infect your computer and take control of it and its settings.

IMPORTANT

If you do not have administrator access, you can’t set any exceptions, and the programs that do not comply with the standard set of rules are automatically blocked.

Save to your account

This chapter is from the book