Do you find the User Account Control popups in Windows Vista to be annoying? If so, two things. First: you’re definitely not alone. Second: that annoyance is exactly why Windows has become so much more secure.
Speaking at the Usenix Security Symposium in DC, Microsoft rep Crispin Cowan outlined how those awful UAC notifications caused developers to rewrite their code. As you know, when a program wants administrative access to run, it’ll pop up a notification asking for it. The reason why you haven’t seen as many of those as you did when Vista first launched is because software companies realized that they were pissing off their customers by constantly asking for administrative access. So they rewrote a lot of things to not require as much permission to run.
This in effect has made Windows way more secure. Since Vista, not all user accounts have administrative privileges by default, which means a given user is less likely to allow software which will mess something up. Second, since most software no longer requires administrative privileges to run, users have become more discretionary when they see a request for admin authorization.
Mr. Cowan made the point that until Vista, Windows had been overall more about interoperability and ease of use than security. He argued that this paradigm shift in how code is allowed to run makes Windows as secure as Unix-based operating system like the many Linux distributions or Apple’s Mac OS. Whether the improvements are this substantial or not are hard to measure, but he’s definitely correct to suggest that Windows has become worlds more secure in the past few years.