UAC wouldn't do much to help you with that issue Jeff describes by itself. Browser trojans would be an installed ActiveX control/COM object that bypassed IE security. That can still install (if there's a hole in IE) today and would not trigger UAC.
But then IE 7 is locked down pretty much that nothing can (supposedly) auto-install any longer anyway without several notices popping up.
I have UAC off - I would not be able to make it through my day without 1000's of these things popping up (seriously) and that's too much of a productivity hit. But then I probably deal with low level system tasks more than most <s>...
IMHO UAC is a knee jerk overreaction. I've been running my machines without a firewall without AV and over the last 20 years I contracted 1 virus that toasted IE a few years back (and I know exactly when that happened and no AV or firewall would have stopped that). Maybe I've been lucky, but a bit of common sense and properly setting up your machine for security at the file level will do wonders...
And you get a machine that's not dragged down 3 CPU grades by AV software...
I wouldn't recommend that to the average consumer, but as computer professionals most of us should be proficient in locking down our machines no?
+++ Rick ---
>Hi Sergey.
>
>>I have to disagree with you. UAC is not new way of doing things. It's idiotic way to implement security that MS started with Outlook 2000 "patch from hell".
>
>Perhaps, but check this out:
http://www.codinghorror.com/blog/archives/000891.html>
>Doug