Despite growing CSO and CISO recognition of the need to deploy end-users as standard users, and requirements by the Federal Government for the removal of administrator rights under the Federal Desktop Core Configuration (FDCC) mandate, Windows 7 includes no significant changes to UAC for standard users.
"For enterprises, there is little benefit to the changes to User Account Control in Windows," said John Moyer, CEO of BeyondTrust. "Windows 7 introduces cosmetic changes to reduce the prompts that plagued Vista, but it does nothing to fix the underlying productivity and usability problems for standard users... Windows 7`s UAC slider puts end-users in charge of the security decision of what to run with administrative privileges, which is essentially an invitation for malicious users, hackers and malware."
It is amazing that Microsoft can not do what Unix and every gnu/linux distribution has done for decades, provide real user privilege separation. Where these are provided, it is easy to add GUI front ends like kdesu, so that authentication is simple and painless for the few times it is needed."
Link to Original Source