Ah now come on that's not true. MS has touted UAC as a security feature.
UAC blog "User Account Control (UAC) is a core security feature in the next release of Windows Vista and Windows Server code name Longhorn."
MSDN "In this webcast, we explore Windows User Account Control (UAC), a new security feature in the Windows Vista operating system."
MSDN "User Account Control (UAC), introduced in Windows Vista, is a security feature"
But of course strictly speaking it's not, but that's a technical definition. That's like saying that SQL server isn't a relation database because it doesn't meet all of the strict relational criteria that Codd set out (it's not, not all views are updatable)
Until Windows installs force the creation of an admin and a least privilege user it's the best there is.
True. They were calling it a security feature right up to the point when Windows 7's UAC vulnerabilities were discovered, and then suddenly it wasn't about security anymore. We've had this discussion before. There's a lot of bull about UAC and Windows security
in general, let's not add to it with this "when we called it security we actually meant
notsecurity at all" stuff.