Vista User Account Control (UAC) reduces the exposure and attack surface of your computer's operating system (OS) by forcing all users to run in Standard User mode. This new gatekeeper reduces the opportunity for a malicious program to hijack a session with elevated privilege because UAC serves as an intermediary.

If UAC is enabled, all user accounts in Vista run in Standard User mode. This means that when a task is performed that requires administrative privilege, such as installing an application or modifying certain system configurations, Vista notifies the user and requires authorization, such as

User Account Control is a significant security improvement over previous Windows versions, but it's the most annoying and intrusive security feature in Vista. Many users try to either modify its behavior to be less intrusive (which makes it less protective) or turn it off completely. I'm not sure that Microsoft achieved the right balance between security and productivity. It will be up to the Vista user base to accept or reject this feature and all its security value.