There are some breaking developments associated with the Windows 7 UAC settings, as well as other security settings in the product. As you may have heard, there has been a considerable amount of external discussion and comment about the UAC settings that shipped in the Windows 7 Beta. As you might imagine, there was a considerable amount of internal discussion as well.
Well, the Windows product group has decided to make some changes. Here’s an excerpt from the blog post:
“With this feedback and a lot more we are going to deliver two changes to the Release Candidate that we’ll all see. First, the UAC control panel will run in a high integrity process, which requires elevation. That was already in the works before this discussion and doing this prevents all the mechanics around SendKeys and the like from working. Second, changing the level of the UAC will also prompt for confirmation.”
“We want to reiterate the security of the system overall. Windows 7 is SD3+C and is designed to be more secure that Vista—that’s our priority. None of us want to have Windows 7 be perceived as being less secure than Vista in any way, because our design point is to make sure it is more secure that Windows Vista, by default.”
See the full post and a lot more information @ http://blogs.msdn.com/e7/archive/2009/02/05/uac-feedback-and-follow-up.aspx.