Jump to content

Option to disable UAC confirmation NOT available in new v13.1.16?

Parsh
 Share

Recommended Posts

Parsh

Parsh 0

Posted
Posted (edited)

I updated to the latest version yesterday. Besides the mentioned changes and the new provisions in the Detection Engine, I can see that 

the option to disable "Access Setup >> Require full administrator rights..." has been removed from the GUI and subsequently from the config file ---> 

     <ITEM NAME="EKRN_CFG">
      ...
      <NODE NAME="RequireElevation" TYPE="number" VALUE="0" />

Now, the user has to answer UAC prompts everytime when saving a rule through (interactive) Firewall alerts. Not the same for HIPS alert, as expected from earlier behavior.

Is that it or there's a workaround? Kindly let know. Thank you.

Edited by Parsh
Link to comment
Share on other sites
jameslevalaisan

jameslevalaisan 0

Posted
Posted

Hi, I can understand that this option has been removed (for limited user) but on my computers on windows10 where I am the unique and administrator user, Eset prompts UAC. So it's very anoying, how can I do to stop that.

Link to comment
Share on other sites
jameslevalaisan

jameslevalaisan 0

Posted
Posted
Hi,
I understand that you remove this option for security reasons but it's very anyoning if the user are in interactive mode.
 
By the way , I don't understand why I have UAC alert on my two computers (on Windows 10 pro) where I am the unique user with administrator rules.
 
Could you help me please?
Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 5,074

Posted
  • Administrators
Posted

There is no way to avoid it. Actions requiring administrator permissions require UAC elevation / confirmation.

Link to comment
Share on other sites
itman

itman 1,659

Posted
Posted
2 hours ago, jameslevalaisan said:

but on my computers on windows10 where I am the unique and administrator user,

Actually, you run as a limited admin and Windows prompts via UAC when full admin privileges are required. Also in Win 10, you can't log on as full admin since Microsoft removed the account on the Home versions.

You can create a standard user account and log on under that. You won't get any UAC alerts since anything requiring admin privileges will be automatically blocked. This includes Eset GUI modifications. 

Link to comment
Share on other sites
jameslevalaisan

jameslevalaisan 0

Posted
Posted

Ok. So in this case, please don't remove this option. There is a lot of other dangerous options in your software.

Add at least an option to avoid Eset asking administrator privilege for add a rules (which is not more secure than alow user to accept the request without add a rules).

Link to comment
Share on other sites
AGH1965

AGH1965 12

Posted
Posted
2 hours ago, itman said:

You can create a standard user account and log on under that. You won't get any UAC alerts since anything requiring admin privileges will be automatically blocked. This includes Eset GUI modifications. 

I always log on using a standard user account and I'm used to fill in the password of the adminstrator account when an UAC dialog appears. Are you saying that this isn't possible anymore?

Link to comment
Share on other sites
itman

itman 1,659

Posted
Posted (edited)
2 hours ago, jameslevalaisan said:

But I write that I'm using a pro version of windows 10. You cut this word from your quote !

You can disable admin approval mode for the built-in default admin account via Group Policy: https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/user-account-control-admin-approval-mode-for-the-built-in-administrator-account . Note: doing this puts you at considerable risk since no UAC alerts will be displayed. If a APT attacker drops malware abusing a Win trusted system utility that can perform hidden admin elevation, you won't be aware this has taken place. This is why security experts recommend UAC be set to its highest level versus its default level.

I assume the above will also eliminate the UAC alerts being generated by Eset.

Edited by itman
Link to comment
Share on other sites
itman

itman 1,659

Posted
Posted
6 minutes ago, AGH1965 said:

I always log on using a standard user account and I'm used to fill in the password of the adminstrator account when an UAC dialog appears. Are you saying that this isn't possible anymore?

You are correct. This is how a standard user account works by default unless overridden by Group Policy.

Link to comment
Share on other sites
pip25

pip25 0

Posted
Posted

It is regrettable that ESET removes product features with no prior notification and a generic "security reasons" justification. I use interactive mode for both my firewall and HIPS. I know this means getting a lot of prompts. But if I agreed to let an application do its thing, a second prompt for UAC seems completely superfluous. Not to mention that this change doubles the prompts I need to accept, which in turn makes me less vigilant about what I accept, and decreases the security of my machine instead of increasing it.

Why was this change necessary? Did disabling the UAC prompt require part of the ESET suite to run with administrator rights all the time? At least some meaningful explanation for this loss of feature would be welcome.

Link to comment
Share on other sites
ip82

ip82 0

Posted
Posted

Just upgraded and noticed this limitation of v13 as well.

Why is this option removed instead of hiding it under advanced>not recommended> type hidden tab? Firefox and Chrome both offer these options and display warnings saying this may void your warranty.

Regular users won't go in that deep and if you are a pro user, you know what you're doing.

Removing choices is never good, hope ESET restores this option.

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...