Assuming I don't have admin password set:

  1. While working under admin and having UAC enabled is there a way for downloaded software to get admin permissions without me clicking "Yes" in the prompt?
  2. While working under another normal (limited) user account is there a way for downloaded software to run with admin permissions without the prompt? Does it make any difference if UAC is enabled in this case?

Also while having two normal user accounts without a password is it possible for downloaded software to do something under another user (non-admin) account without an interactive prompt?

Does it make any difference to have no password or a simple password like "1"?

By "downloaded software" I mean any executables downloaded with a browser and "unlocked".

  • I've never seen any way to bypass UAC. If there's no admin password, then any user can accept the UAC prompt and click through successfully, however. If this computer is used by multiple people, it is not recommended that your admin account be unpassworded; recent builds of Windows 10 seem to enforce having an admin password. Commented Jun 8, 2021 at 16:02
  • Computer accounts without passwords are usually unsafe because unintended users can compromise the computer.
    – anon
    Commented Jun 8, 2021 at 16:06
  • Not a good idea for many reasons. There are instances where not having an admin password can actually lock you out. "No password" cannot be entered in circumstances where you cannot proceed without a password… stuck. Using a single-character password is unsafe as regards attacks, but at least it won't lock you out.
    – Tetsujin
    Commented Jun 8, 2021 at 16:31
  • Does this help answer your question? superuser.com/questions/1568419/…
    – anon
    Commented Jun 8, 2021 at 18:23
  • Before worrying about the UAC elevation prompt, make sure that UAC is set to the highest level otherwise. Without the highest level, people often find ways to bypass the UAC elevation prompt by misusing other applications that have the elevated permissions.
    – Robert
    Commented Jun 12, 2021 at 12:57

1 Answer

  1. Yes, there are exploits and even Microsoft itself doesn't consider UAC to be a security boundary.
  2. If the admin account has a non-blank password and an application somehow knows it, it can execute code under the admin account. But an empty password doesn't allow automatic non-interactive logins (by default, if not allowed in gpedit). So having an empty password is better than a short password. But if you leave it like this, anyone at your home can log in as admin. To prevent this, add a logon scenario for that user that does an immediate "logoff". You will still be able to use that account by clicking "Run as administrator".

No, it's not possible to do anything "automatically" under a user without a password; only manual login is possible.

Don't use passwords like "1" because any app can log in under that user.
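
A read-only way to check the settings this thread relies on (the UAC level raised in the comments and the blank-password logon restriction the answer mentions), as an added example that is not part of the original answer or comments. It assumes the standard registry locations of the UAC policy values and of the policy "Accounts: Limit local account use of blank passwords to console logon only"; `Get-RegValue` is a helper name made up for the example.

```powershell
# Added example: read-only audit of the UAC and blank-password settings
# discussed in this thread. It changes nothing on the system.
$uacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$lsaKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'

# Hypothetical helper: returns $null when the value is not present.
function Get-RegValue {
    param([string]$Path, [string]$Name)
    (Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue).$Name
}

$settings = [ordered]@{
    EnableLUA                  = Get-RegValue $uacKey 'EnableLUA'
    ConsentPromptBehaviorAdmin = Get-RegValue $uacKey 'ConsentPromptBehaviorAdmin'
    ConsentPromptBehaviorUser  = Get-RegValue $uacKey 'ConsentPromptBehaviorUser'
    PromptOnSecureDesktop      = Get-RegValue $uacKey 'PromptOnSecureDesktop'
    LimitBlankPasswordUse      = Get-RegValue $lsaKey 'LimitBlankPasswordUse'
}

$findings = @()
if ($settings.EnableLUA -eq 0) {
    $findings += 'EnableLUA = 0: UAC is off, so programs started by an administrator run elevated with no prompt.'
}
switch ($settings.ConsentPromptBehaviorAdmin) {
    0 { $findings += 'ConsentPromptBehaviorAdmin = 0: administrators are elevated without any prompt.' }
    5 { $findings += 'ConsentPromptBehaviorAdmin = 5 (default level): Windows binaries elevate silently; "Always notify" is 2.' }
}
if ($settings.PromptOnSecureDesktop -eq 0) {
    $findings += 'PromptOnSecureDesktop = 0: the prompt is shown on the normal desktop instead of the secure desktop.'
}
if ($settings.LimitBlankPasswordUse -eq 0) {
    $findings += 'LimitBlankPasswordUse = 0: blank-password local accounts are no longer limited to console logon.'
}

# Report every value read, then the findings (if any).
$settings.GetEnumerator() | ForEach-Object {
    $shown = if ($null -eq $_.Value) { '(not set)' } else { $_.Value }
    '{0,-28} {1}' -f $_.Key, $shown
}
if ($findings.Count -eq 0) { 'No weakened setting found.' } else { $findings }
```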
