Criticism
There have been complaints that UAC notifications slow down various tasks on the computer such as the initial installation of software onto Windows Vista.[19] It is possible to turn off UAC while installing software, and reenable it at a later time.[20] However, this is not recommended since, as File & Registry Virtualization is only active when UAC is turned on, user settings and configuration files may be installed to a different place (a system directory rather than a user-specific directory) if UAC is switched off than they would be otherwise.[21]Also note that Internet Explorer 7's "Protected Mode", whereby the browser runs in a sandbox with lower privileges than the standard user, relies on UAC; and will not function if UAC is disabled.[14]
Yankee Group analyst Andrew Jaquith stated that "while the new security system shows promise, it is far too chatty and annoying."[22]However, this statement was made over six months before Vista was actually released (even before Beta 2 was released). By the time Windows Vista was released in November 2006, Microsoft had drastically reduced the number of operating system tasks that triggered UAC prompts, and added file and registry virtualization to reduce the number of legacy applications that trigger UAC prompts.[4] However, David Cross, a product unit manager at Microsoft, stated during the RSA Conference 2008 that UAC was in fact designed to "annoy users," and force independent software vendors to make their programs more secure so that UAC prompts would not be triggered.[23] In response to these criticisms, Microsoft has altered UAC activity in Windows 7. For example, by default users are not prompted to confirm actions initiated with the mouse and keyboard alone such as operating Control Panel applets. New York Times Gadgetwise writer Stephen Williams says: "One recommended way to wring more speed from Vista is to turn off the overly protective User Account Control whose pop-ups are like having your mother hover over your shoulder while you work."[24]. A study by Sophos using 10 unique samples which had arrived in their labs, showed that UAC , on its default level, could not protect Windows 7 from 8 of the samples. [25]