I haven't been able to get complete details from the whole CanSecWest thing; so Windows Vista wasn't compromised, but Adobe Flash was? *Sigh*
Security is very very hard.
(Don't worry, Adobe: There is an easy heuristic for determining the number of security issues remaining in a codebase: For every security issue you find, another security issue is bound to exist. You can use that to determine the actual number of security bugs in your code. This heuristic applies to any codebase on any OS.)
It sounds like UAC worked, though.
One of the areas of most active user feedback in Vista is UAC - people hate typing in their password to (for example) install random software.
Users already have far too many passwords (I've seen some studies that say that the average (average!) Information Worker has to remember 14 passwords already). Ridiculous.
In my personal experience, it seems that most users have no idea what their Windows user account password is - it just isn't something they use *that* often. Compared to, say, their Hotmail password. Or their Windows Live Hotmail password. Or their Windows Live Hotmail with Passport password.
Also, it is a pretty well-established fact that as soon as somebody has physical access to your machine, it is game-over from a security standpoint. (Heck, they could look at the disk sectors with a microscope, and read your documents. Probably. That's how microscopes work, right?)
When the user is attempting to install software we need to verify that *the actual user* is the one granting admin access to the software installer; not a bit of user-context malware.
This is why the UAC prompt appears in the blacked-out special session (to stop any bit of malware that might already be running in your user context from automating the UI, or from keylogging your password and doing a runas with admin creds later).
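A defender's check that the prompt really is on that separate session, as an added example that is not from the original post. The registry value names are the documented UAC policy values, which the post itself does not mention; the function name `Test-UacPromptPolicy` and the sample hashtables are constructed for illustration.

```powershell
# Added example: audit the UAC policy values behind the elevation prompt.
# Test-UacPromptPolicy is a hypothetical helper name, not a built-in cmdlet.
function Test-UacPromptPolicy {
    param(
        # Policy values to evaluate; read from the live registry when omitted.
        [hashtable]$Policy
    )
    $names = 'EnableLUA', 'PromptOnSecureDesktop', 'ConsentPromptBehaviorAdmin'
    if ($null -eq $Policy) {
        $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
        $props = Get-ItemProperty -Path $key
        $Policy = @{}
        foreach ($name in $names) { $Policy[$name] = $props.$name }
    }

    $findings = @()
    # A value that is absent is reported too, so it gets a manual look.
    if ($Policy['EnableLUA'] -ne 1) {
        $findings += 'EnableLUA is not 1: UAC is not enforcing elevation prompts.'
    }
    if ($Policy['PromptOnSecureDesktop'] -ne 1) {
        $findings += 'PromptOnSecureDesktop is not 1: the prompt can be drawn on ' +
                     'the user desktop, where user-context code can reach it.'
    }
    if ($Policy['ConsentPromptBehaviorAdmin'] -eq 0) {
        $findings += 'ConsentPromptBehaviorAdmin is 0: administrators elevate ' +
                     'without any prompt, so nobody at the keyboard is asked.'
    }
    return ,$findings
}

# Constructed sample values (not read from any real machine).
$weakened = @{ EnableLUA = 1; PromptOnSecureDesktop = 0; ConsentPromptBehaviorAdmin = 0 }
$asShipped = @{ EnableLUA = 1; PromptOnSecureDesktop = 1; ConsentPromptBehaviorAdmin = 5 }

foreach ($sample in $weakened, $asShipped) {
    $result = Test-UacPromptPolicy -Policy $sample
    if ($result.Count -eq 0) { 'OK: prompt is on the secure desktop' }
    else { $result }
}
```

Calling `Test-UacPromptPolicy` with no argument evaluates the machine it runs on instead of the samples.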
So, we need to verify and prove that a human is granting permission for the software install. Any human close to the keyboard will do, as physical access to the machine == you can administer the machine. So really, you don't need a human with an admin user account; you just need a human. Or rather: you just need to prove that you have a human at the keyboard.
What kinds of proofs are used today to prove to software that a human is at the keyboard, instead of a robot? I, for one, can think of a solution that is pretty popular already - you might too, if you take a look around the web.