As the de-facto tech person in the household I have to understand this. I need to know if I set up an administrator account on my PC and then only use regular user accounts for all web browsing, am I safe from malware?
A “drive by download” is malware that you pick up by visiting a web site even without giving it permission to put the bad stuff on your computer.
Originally Posted by McAfee Site
Gone are the days when you had to click to “accept” a download or install a software update in order to become infected. Now, just opening a compromised web page could allow dangerous code to install on your device.
You just need to visit or “drive by” a web page, without stopping to click or accept any software, and the malicious code can download in the background to your device.
The User Account Control (UAC), according to Wikipedia
aims to improve the security of Microsoft Windows by limiting application software to standard user privileges until an administrator authorizes an increase or elevation. In this way, only applications trusted by the user may receive administrative privileges, and malware should be kept from compromising the operating system.
The UAC is responsible for the “Do you want to allow the following program to make changes to your computer” message you get when you have this set up and are not browsing from the administrator account.
So, if I am browsing on a user account and I hit a bad site, will I be protected so long as I don’t agree to the change (which requires I put in the administrator password)?
Needless to say, my anti-virus software is up to date (although it seems it wouldn’t matter) and I try to practice safe browsing.