I want to configure UAC to not prompt on elevation for certain executables. I noticed the thread here: http://social.technet.microsoft.com/Forums/en-US/w7itprosecurity/thread/9570365e-911a-4745-82b9-d509467ecfb5. I don't like the solution provided because it feels "hackish". The main problems I have with it are that it only works when you start the program from your own shortcut ( doesn't apply to auto starts), and secondly if a malicious program should modify a "trusted" executable there is no way of knowing, and now your running a maliciously modified program with admin rights (altough I suppose that applies to UAC in general). My question is if it is possible to elevate signed executables with out prompting. That way if there is an application I trust, I can sign it with my own private key. This also means that the application can't be modified without breaking the signature.

Hi, Thanks for posting in Microsoft TechNet Forum. Based on my understanding, making individual application exception to UAC is not possible, Windows 7 cannot support this feature currently. As we know, UAC is designed to help to prevent users from accidentally changing their system settings, and helping to prevent "malware" from gaining system-wide access. When elevation is denied, malware is only able to affect the current user's data. And the application must be run by user with Administrator rights as certain tasks performed by the application needs Administrator privileges (like hooking key board and accessing some registry). To some extent, it is triggered by the operations of application. Hope it helps. Alex Zhao TechNet Subscriber Support in forum If you have any feedback on our support, please contact tnmff@microsoft.com.Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hi, I am just writing to check the status of this thread. Was the information provided in previous reply helpful to you? Do you have any further questions or concerns? Please feel free to let us know. Regards, Alex Zhao TechNet Subscriber Support in forum If you have any feedback on our support, please contact tnmff@microsoft.com.Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

"I want to configure UAC to not prompt on elevation for certain executables." If I have understood your problem correctly, then yes. There is a way to do that. Go to the properties of the executable and click on the Compatibility tab. Check the "Run this program as an Administrator" checkbox. The executable should not ask for a UAC elevation prompt from the next time it runs. I'm not sure about how to 'sign it' and make sure it's integrity is not damaged by malware. Please revert back here if this does not resolve your issue. Hope it helps!Kunal D Mehta - a Windows Server Enthusiast.

Hi, To disable UAC for administrator only on Windows 7, you should need use the Local Security Policy configuration. Type in secpol.msc into the Start menu search box and hit enter. Now browse down to Local Policies \ Security Options, find the following in the list: “User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode” and double-click on it. Change the setting to “Elevate without prompting”. Then, tasks that request elevation will automatically run as elevated without prompting the administrator. Regards, Alex Zhao TechNet Subscriber Support in forum If you have any feedback on our support, please contact tnmff@microsoft.com.Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hi devin122, As this thread has been quiet for a while, we assume that the issue has been resolved. At this time, we will mark it as ‘Answered’ as the previous steps should be helpful for many similar scenarios. If the issue still persists, please feel free to reply this post directly so we will be notified to follow it up. You can also choose to unmark the answer as you wish. Regards, Alex Zhao TechNet Subscriber Support in forum If you have any feedback on our support, please contact tnmff@microsoft.com.Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.