I think it is stated best in Technet, User Account Control Overview, particularly the text that I placed in bold/italics:
User Account Control: Delivering a More Secure Desktop
The main goal of User Account Control is to reduce the exposure and attack surface of the operating system by requiring that all users run in standard user mode. This limitation minimizes the ability for users to make changes that could destabilize their computers or inadvertently expose the network to viruses through undetected malware that has infected their computer.
With User Account Control, IT administrators can run most applications, components and processes with a limited privilege, but have "elevation potential" for specific administrative tasks and application functions.
Conversely, when users encounter a system task that requires administrator privileges, such as attempting to install an application, Windows Vista will notify the user and require administrator authorization. This type of prompting helps ensure that users do not accidentally make modifications to their desktops. It also helps eliminate the ability for malware to invoke administrator privileges without a user's knowledge.
There will always be the user who never scans downloaded files before installing, does not create a fresh restore point before installing and clicks away, allowing whatever prompts to proceed. Microsoft and the security community cannot protect users against themselves. UAC will make it more difficult for those of us who help users clean up infected computers (due to providing instructions on accepting prompts, rather like disabling real-time protection), particularly when specialized removal programs require elevated privilege. However, in the long run, yes, I see the UAC as an available security feature.
Compare System Privileges between Admin without UAC enabled and a standard user on Microsoft® Windows Vista™ Ultimate:
Admin without UAC enabled:
SeLockMemoryPrivilege
SeIncreaseQuotaPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeSystemProfilePrivilege
SeSystemtimePrivilege
SeProfileSingleProcessPrivilege
SeIncreaseBasePriorityPrivilege
SeCreatePagefilePrivilege
SeBackupPrivilege
SeRestorePrivilege
SeShutdownPrivilege
SeDebugPrivilege
SeSystemEnvironmentPrivilege
SeChangeNotifyPrivilege
SeRemoteShutdownPrivilege
SeUndockPrivilege
SeManageVolumePrivilege
SeImpersonatePrivilege
SeCreateGlobalPrivilege
SeIncreaseWorkingSetPrivilege
SeTimeZonePrivilege
SeCreateSymbolicLinkPrivilege
Standard user with UAC enabled:
SeShutdownPrivilege
SeChangeNotifyPrivilege
SeUndockPrivilege
SeIncreaseWorkingSetPrivilege
SeTimeZonePrivilege
There is a heck of a lot of leeway for malware to operate on the machine without UAC enabled.
Corrine
Security Garden
Microsoft MVP. Windows - Security
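The comparison in the post above can be repeated on any machine. The following is an added example, not part of the original post: a PowerShell audit that lists the privileges in the current process token and flags those outside the standard-user set quoted in the post. It assumes the built-in whoami.exe is available; the function names Get-TokenPrivilege and Compare-ToStandardUser are hypothetical.

```powershell
# Standard-user privilege set as listed in the post above (Windows Vista Ultimate).
$standardUser = @(
    'SeShutdownPrivilege', 'SeChangeNotifyPrivilege', 'SeUndockPrivilege',
    'SeIncreaseWorkingSetPrivilege', 'SeTimeZonePrivilege'
)

function Get-TokenPrivilege {
    # whoami /priv reports the privileges held by the calling process's token.
    # /fo csv /nh emits headerless CSV, so column names do not depend on the OS language.
    whoami /priv /fo csv /nh |
        ConvertFrom-Csv -Header Name, Description, State |
        Select-Object Name, State
}

function Compare-ToStandardUser {
    param([Parameter(Mandatory)] [object[]] $Privilege)
    foreach ($p in $Privilege) {
        [pscustomobject]@{
            Privilege      = $p.Name
            State          = $p.State   # Enabled/Disabled text as printed by whoami
            # True when the token carries a privilege a standard user would not have.
            BeyondStandard = $p.Name -notin $standardUser
        }
    }
}

$report = Compare-ToStandardUser -Privilege (Get-TokenPrivilege)
$report | Sort-Object BeyondStandard -Descending | Format-Table -AutoSize

# Summary line: a count of zero means the process runs with the standard-user set only.
$extra = @($report | Where-Object BeyondStandard)
"{0} privilege(s) beyond the standard-user set" -f $extra.Count
```

Running it once from a normal prompt and once from an elevated prompt on the same account shows the difference between the filtered and the full administrator token.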