vermeer wrote:not so dumb.
A good windows user (I know, there are soooo few...) anyway wont do or let do anything really dangerous...And anyway, I prefer to configure that, not that comes preconfigured, like historic defaults of Ms Word, which in my experience, haven't been really great for big majority of users...
Because UAC goes beyond that. It's not about you, it's about what the software can do. Program X shouldn't be able to write a file to c:\randomlocation\ unless you allow it to.
Why do you need write access to your whole harddrive for your normal day to day activities.? If you keep everything in your user folder, you don't make a mess of your HD. When you need to move your files to another HD, or back them up, you can take your whole account with you very easily. All the settings for all your software and al the data files you own are in one spot.
Why does your average software need to be able to mess with your registry and write files all over your HD? UAC lets you control that. UAC offers a nice solution with virtual registries and stuff. So your main, real registry is left alone. If you have a program that needs the higher privileges, you elevate that program, and the rest still stay at normal access.
So If I post a demo game here I made with Irr, and it has code that throws a ton of crap in your registry, writes files in your system folder, messes with your HOSTS file, plays with your network config, and all this other junk, you are at it's mercy, because you're a 'good windows user' and you turned off your ability to police your own system. You leave your PC in a mode where it's legs are spread opened, and it doesn't know the word 'no', any program that runs gets full control of everything instead of you.
With UAC on, the most you can ever do is hose your user account.