UAC Notification Missing

Windows UAC (User Account Control) notification is a security feature in Windows designed to improve security by notifying users and requiring their consent or confirmation before allowing certain system-level changes or application installations to occur. UAC notification helps prevent unauthorized or potentially malicious actions that could compromise the integrity and security of the operating system. Malicious software can run silently in the background without UAC notifications, making it harder for users to detect malware infections and increasing the likelihood of long-term compromise.

Coro enforces the UAC Notification Missing policy when Windows User Account Control settings are set to:

  • Default
  • Low
  • Medium

UAC Settings

Important

Windows UAC is considered vulnerable when set to Low or Medium.

Creating a new UAC Notification Missing policy

To create a new UAC Notification Missing policy:

  1. From Device Posture , select + ADD :

    Add new device posture policy

  2. Select Add to Windows .

    Coro displays the Add new device policy to Windows dialog.

    note

    The UAC Notification Missing device policy is currently supported for Windows devices.

  3. Select UAC Notification Missing from the Select policy type dropdown:

    Add new UAC Notification Missing policy

  4. Select the policy Action :
    • Review : Coro does not perform auto-remediation. It creates a review ticket that remains open for 10 days before closing automatically. During this time, Coro adds any newly detected affected devices to the ticket. Admin users can close the ticket manually at any time.
    • Enforce : Coro performs auto-remediation, records the action in a ticket, and closes the ticket automatically.
    note

    If the policy violation reoccurs after a ticket is closed, Coro automatically creates a new ticket.

  5. Enter label names (predefined or custom) to the Labels field listed under Apply policy to devices with these labels to apply the new policy to specific groups of devices.

    Apply device policy labels

  6. Select SAVE .

    Coro creates the policy with the configured settings.

    note

    When UAC Notification is missing on a Windows device, a UAC notification missing ticket type is created.

Select the dropdown next to UAC Notification Missing on the Device Posture tab to view the policy. See Device posture configuration overview.

Coro displays the following policy details:

  • Device labels applicable to the policy.
  • The action(s) applicable to the policy, for example, Enforce .

    View UAC Notification Missing policy