UAC on Vista will work wonders

It's fascinating to me that UAC has received so much flack from so many journalists, and testers, but I am going to boldly make the prediction that if it works the way Microsoft states, their flagship Windows Vista will have drastically fewer bugs per year. 

Here's why: A little over 3 years ago (probably even more) MS released their latest server OS Windows 2003.  One of the newest components in Windows 2003 was IIS6, which was a major departure from previous versions.  To set up the new features I need to first describe how it was done in IIS5.  IIS5 did not have this feature, and was a tremendously huge attack vector (think CodeRed, and the like).  So their enterprise web server was hopelessly vulnerable.

Then along came IIS6, and with it greatly enhanced security.  What did they do to enhance the security?  Microsoft took a page out of Unix's book, and coded IIS6 so that it ran with guest-level priviliges, which greatly reduced how vulnerable it is to attack.  Why you may ask?  Suppose there is a buffer-overflow attack in IIS6?  If it runs with guest privileges, this would mean that the attacker could only gain access with guest-level privileges.  Hackers became disinterested in IIS6.  In fact since it has been releaset, there are only 4 vulnerabilites available for it on Bugtraq.  There are over 60 for IIS5.What does this mean for Vista?  IE has been just as vulnerable to Windows as IIS5, if not more so.  I recently did some research on a tool called "dropmyrights."  It is an executable that uses the same mechanism as a bult-in policy of windows, and basically makes it so that you can run programs with reduced privileges.  What I found is that when IE is run with reduced privileges, it makes it invulnerable to malware.  In fact I could not infect Windows, or IE with any kind of malware when I droped its privileges down to the level of guest or even normal user.Each of these examples are reinforcing the idea the MS is on to something with UAC.  Droping the rights that the windows desktop, and applications runs under will drastically improve Vista's security.