Comment Re:Halt (Score 1) 420
Microsoft would have to create a flag so that programmers can set it to tell the system that it is a security related program and thus should be allowed to execute under the admin account.
The problem with your implementation suggestion is that software developers who don't respect good security practices as it is will not respect such an API. If it is easier to set a flag asserting that the program is "security related" than to follow good software development practices, that is what they will do.
If the security flag was set then the program would not be available to the standard user, only to the admin. That would defeat that argument. If the admin still used the poorly coded program, thats his fault. I'll be awaiting his payment.