There was some talk about the behavior of UAC in Windows 7. To make a long story short:
- access to UAC is protected by … UAC: UAC is marked as a “Windows Setting” and those are protected using UAC
- by default UAC is not triggered when changes are done to a “Windows Setting” (according to MS due to popular demand for not showing the UAC dialog too often)
- therefore changing UAC to “Don’t show up ever” (= disabling it) can be done without invoking UAC itself for confirmation (for systems that haven’t changed the default setting)
- world domination!! (but for hackers, not for you)
At first Microsoft considered this not an issue and said this behavior is “by design”. Now they seem to have seen the light over there in Redmond.
It is always dangerous if you protect a system using the system itself. I am not saying it is bad design if you do, I am just saying that bad things can happen if you don’t think this through. The original idea for UAC in Windows 7 was obviously not thought through.