The principle of least privilege states that a user or a piece of code should only get the privileges it needs to do the job—nothing less and certainly nothing more. Malicious code can do much more harm when it can execute in the security context of a highly privileged account, and highly privileged processes can do much more harm when they are compromised or simply buggy.
In early Windows versions (Windows XP and earlier) honoring least privilege requires a lot of user discipline both from users and administrators. Starting with Windows Vista Microsoft fundamentally redesigned the way Windows supports least privilege out of the box using a set of technologies that are referred to as User Account Control (UAC). This Essential Guide explains what tools administrators and users can use in Windows today to honor least privilege. It also looks at how third-party applications can complement the least-privilege controls embedded in Windows to further lock down access to the Windows platform and its resources.