Microsoft: UAC can be hijacked by social engineering
eWeek | at | by Mike
Microsoft's UAC in its Vista operating system release was meant to signify that finally, the company has gotten serious about securing Windows by limiting a user's rights during day-to-day computer usage.
It's come to signify something much less than security or trust in the minds of some security experts, though. Security expert Joanna Rutkowska kicked off the dissection of UAC in her blog, and the latest salvo against User Account Control was heaved by Symantec Research Scientist Ollie Whitehouse with a Feb. 20 posting titled An Example of Why UAC Prompts in Vista Can't Always Be Trusted.