The purpose of UAC is to make Windows users aware of potentially dangerous activities on their computers. The potential threat is that a malware program (or possibly a determined hacker) could be carrying out a scripted set of steps that will lead to a negative event on your computer, such as the loss of data or damage to your Windows installation. In a nutshell, the question UAC asks is: Did you initiate this process that's attempting to run? When the answer is yes, you click OK or Allow to permit the action. When the answer is no, your prudence in letting UAC block that action could save you from a very bad experience.

The easiest example to understand is the prompt that pops up when an unsigned program installation begins to run. In RC1, it reads: "An unidentified program wants access to your computer." Your choices are Cancel or Allow. If you initiated the program installation and you trust the source of the software, you should click Allow. But what if you didn't initiate a program installation? That's the situation for which UAC was created. It gives you a last-chance option to prevent something bad from installing on your PC.

The good news is that a long list of previously annoying -- and in some cases unnecessary -- UAC prompts have been removed from RC1. One way Microsoft is going about that is by localizing UAC protection to the areas that are most dangerous. For example, opening the Windows Firewall Control Panel no longer requires you to click OK to a UAC prompt. But attempting to turn off the firewall or change its settings does result in a UAC prompt. The same is true of Windows Defender. You won't be prompted until you go into options and attempt to turn off the antimalware program, for example. There's no longer a UAC prompt to open the Scanners and Cameras Control Panel, until you attempt to add a device. And there's no UAC prompt if you opt for Media Player's "express" setup option. Standard account users can install high-priority updates in RC1.

One of the most mystifying UAC behaviors in Vista Beta 2 caused a prompt to appear when you tried to delete some desktop program shortcuts. If the program was installed for "all accounts" in Beta 2, then Vista blocked the deletion of the icon in Beta 2 with a UAC prompt. If the program was only installed for the currently active user account, then deletion of the same program shortcut occurred normally. Since there's no way for Windows users to know which way the program was installed, even experienced beta testers were confounded. In RC1 (and in Build 5472 before it), as long as the running account has administrator privileges, icons installed "on the public desktop" (that is, for all accounts) will be deleted without issue when you drop them into the Recycle Bin. Standard users will still be asked to elevate their permissions, but it's not like that doesn't happen a lot for Standard accounts.

Finally, Microsoft added a change that prevents UAC from stealing focus from an active program or process that you're working in that has nothing to do with what initiated the UAC prompt. So the potentially threatening activity is blocked, and you can tend to it as soon as you complete what you're doing. Enterprises can also specify a list of approved ActiveX controls that UAC will allow Standard user accounts to install in conjunction with Internet Explorer without UAC blocking them.