It was perhaps the worst thing about Windows Vista: User Account Control, which created incessant and constant pop-ups every time you did just about anything, blanking the screen briefly, then coming back on, dimmed, asking, "Are you sure you want to do this???" A typical session in Vista with UAC turned on would generate dozens of such pop-ups every day, and most users simply turned the whole thing off in short order.

With Windows 7, Microsoft took a more toned-down approach to UAC. The number of security messages you get with the new OS is now lessened, and it's easier to throttle down the UAC pop-ups than it was with Vista.

Users (myself included) really appreciate this, as the Vista pop-ups were so intrusive they made it difficult to actually get any work done. But security film Sophos says that Microsoft has essentially hamstrung itself, saying that the changes to UAC in Windows 7 have rendered the security feature "neutered." Specifically, Sophos threw 10 pieces of malware at Windows 7 to see if UAC would stop them. Two were designed for earlier versions of Windows and wouldn't run at all, but of the remaining 8, only one was stopped by Windows 7's UAC. Hardly a grand showing...

It's important to note that the test was very informal and involved a machine that was otherwise unprotected by security software, which would hopefully have helped to stop the malware from getting through in the first place. But ultimately UAC appeared, at least in this case, to be generally useless as a security measure, leading one to wonder whether it shouldn't simply be scrapped altogether.

Users hated the intrusive Vista version of UAC, but the watered-down Windows 7 version seems not to work at all. Is there a happy medium somewhere (Mac, anyone?), or is it time to just give up?