IT Services - Security Feature Rollout - User Account Control & Login Screen Updates - 3/21/19

Windows Updates: User Account Control

IT Services is rolling out a new security feature on Ferris-owned Windows workstations on Thursday, March 21st. User Account Control or UAC for short is a security feature of Windows which helps prevent unauthorized changes to the operating system. These changes can be initiated by applications, users, viruses or other forms of malware. User Account Control makes sure certain changes are made only with approval from the administrator. If the changes are not approved by the administrator, they are not executed, and Windows remains unchanged.

When you double-click on a file, a setting or an app that is about to make important changes to Windows, you are shown a User Account Control (UAC) prompt. If your user account is an administrator, the prompt will look similar to the screenshots below. If you initiated the change, click Yes on the prompt.

UAC prompt in Windows 10 with Admin rights

 

UAC prompt in Windows 7 with Admin rights

If your user account is NOT an administrator, the prompt looks a bit different. The UAC prompt requests an administrator's password, as shown below. When this happens, you will need to call the IT Solution Center at x4822 to have an administrator enter the password. Until an administrator enters a password, the changes that are requested will not be made.

UAC prompt in Windows 10 without Admin rights

UAC prompt in Windows 7 without Admin rights

Login Screen Updates: Ctrl-Alt-Del

IT Services is rolling out a new security feature on Windows workstations on Thursday, March 21st. Secure attention key (SAK) or secure attention sequence (SAS) is a special key or key combination to be pressed on a computer keyboard before a login screen appears. This key combination is Ctrl-Alt-Del. The first screen capture below is what the new screen will look like.

The login screen will appear after you use the secure attention key combination. Go ahead and login as normal.

A malicious attacker could make an application which goes full-screen, grabs the keyboard, and displays something which looks like the normal login screen, down to the last pixel. He or she would then log on to the machine, launch the application, and go away until some unsuspecting victim finds the machine, tries to log on, and gives his or her username and password to the application. The secure attention key (Ctrl-Alt-Del) is designed to make login spoofing like this impossible.

Mac devices will not be impacted by this new security feature. If you have any questions or concerns, please call the IT Solution Center at x4822.