My main gripe about UAC (Trust me, I'm not about to disable it) is simply around UI:

Sometimes not enough information is presented for me to be able to make a decision on whether to allow the operation or not. Some of the names are quite obvious (e.g. when doing file operations), but what I'd prefer to see is an "advanced" version of this dialog detailing:

  • Who (which process, its PID, its location on the filesystem) is requesting the operation
  • Exactly what does granting this privilege mean (they have rights to do what now?). When running applications that do things under the covers, it may not always be possible to directly link an action you performed to the UAC prompt that just popped up.
  • A verifiable link to confirm they are who they say they are, e.g. validate their signing certificate if present.