I am not implying UAC is a security boundary. I'm over the whole "boundary", "feature" terminology.
I draw upon Wikipedia's definition of an vulnerability, "a weakness in a system which allows an attacker to violate the integrity of that system", which in this case appears to fit very well. Even if we assume UAC is not a security feature,
which Larry now confirms it is, a "convenience feature" can still have a vulnerability.
Long, I know where you're coming from. However if you say "X has a vulnerabilty" to a security architect and your "vulnerabilty" doesn't cross a security boundary, it'll be dismissed as incorrect. Avoiding the word vulnerability takes the focus off a strict
technical definition and focuses more on what is or isn't the right behaviour.