The context of the original post is the following posted earlier:
In other words by following the above outlined installation workflow, a lot of common windows problems can be solved, like missing library errors.
It should be obvious why UAC should be disabled for the initial system setup, especially given that the initial setup tends to be done in an administrator level account which subsequently requires numerous deliberately-administrative changes to the system. Being prompted every few seconds to install 10+ libraries, dozens of programs etc is not productive and UAC actually pauses many installers for an extended period lengthening the time initial setup takes unnecessarily, and pointlessly.
But what about after initial setup? Should UAC should be left disabled or get enabled again? Does it cause more “small windows problems” or does it create them? If the security benefits of UAC are worth it, then despite any small programs it creates, then it can be worth it in some environments.
Read the discussion before posting. Context is important you know? The false sense of “security” that UAC provides was discussed in detail above with both reputable sources and examples of how to bypass it provided. Using UAC while logged on in an administrative account is especially pointless, only creating lots of small windows problems, while having -zero- positive impact on os or user data security.
UAC can makes sense to enable to use the “run-as” functionality of it when combined with a standard user account for day-to-day operations, granted that doing so will continue to cause UAC related small windows problems. If the user understands the myriad of small windows issues caused by leaving UAC enabled, then then this configuration is not too bad, depending on the user.
As a security conscious user, I would rather use thick VMs with UAC disabled since doing so mitigates most small windows problems while also isolating malicious software (including randomware) from user data. Considering that VMs are disposable and clonable by design, leaving UAC enabled in them is also fairly pointless. VMs provide real security, not the fake isolation that UAC in AAM provides.
In other words, saying it should always be enabled only causes lots of small windows problems pointlessly and does not adequately take into account the context that the user disables UAC in. That is what I have been responding to. The user should dictate how to configure and run their system, not an OS non-feature, nor ideology.
If you want to drop the topic then stop prompting me for a reply about it.