UAC has never been a security feature. Microsoft has NEVER claimed that UAC was a security feature. It's a convenience feature that acts as a forcing function to convince software developers to get their act together.
And if you don't like the default settings, you can make a trivial change to increase your prompting level back to where it was in Vista and all these "exploits" go away.
The ONLY secure scenario is to run as a standard user (with no admin privileges) and use fast user switching to switch to an admin account when you need to make configuration changes to the machine. But most users won't put up with that level of security.
Heck, look at how much people complained about the UAC prompts. Imagine how annoyed they'd be if MSFT forced them to log into another account to change their system configuration.
Maybe that's Microsoft's problem right there.
UAC isn't a security feature but perhaps it should be. Remove user's ability to login to admin accounts EVER (ex. Server) and have UAC escalate on request. But as I'm sure you are well aware a program running as a admin-user even with UAC enabled still has
far too many liberties which is why windows design changes need to be made.
This isn't stuff that will happen in Win 7. Heck this isn't stuff that will happen for a long time. But in the mean time leave UAC on and start knocking out admin-user features one by one and move them to the admin-admin UAC prompt "zone" of security.