Windows 7 - Microsoft addresses UAC concerns

As noted in several articles, Microsoft will be strengthening the default settings for UAC to ensure high-levels of security out-of-the-box for Windows 7. With the TWC initiatives implemented earlier this decade, I was sure this welcome change in policy was going to take place.  Users still have the flexibility to set UAC as desired. 

UAC is a security warning system. I would encourage Vista users to leave it intact.  If it's a little pesky when initially loading software on a new PC, temporarily disable it and then turn the setting back on to provide alerts for unauthorized changes (e.g., malware can sneak in and change the registry or configuration files). Also, if a UAC message is shown, always read it carefully and just don't hit enter automatically (i.e., UAC warns but won't prevent infections).

Microsoft Agrees to Additional Windows 7 UAC Change to Address Concerns
http://www.eweek.com/c/a/Security/Microsoft-Agrees-to-Additional-Windows-7-UAC-Change-to-Address-Concerns/

QUOTE: After some debate, Microsoft has agreed to design Windows 7 to generate a prompt if there is an attempt to change the user account control settings. The issue has been at the center of a debate between Microsoft and bloggers, who called the situation a security vulnerability.

Engineering Windows 7 Blog - UAC Feedback and Follow-Up
http://blogs.msdn.com/e7/archive/2009/02/05/uac-feedback-and-follow-up.aspx

QUOTE: With this feedback and a lot more we are going to deliver two changes to the Release Candidate that we’ll all see. First, the UAC control panel will run in a high integrity process, which requires elevation. That was already in the works before this discussion and doing this prevents all the mechanics around SendKeys and the like from working. Second, changing the level of the UAC will also prompt for confirmation.