A hard look at Windows Vista

10.11.2006

In a nutshell, the question UAC asks is: Did you initiate the process that's attempting to run? When the answer is yes, you click OK or Allow to permit the action. When the answer is no, your prudence in letting UAC block that action could save you from a very bad experience.

UAC is not smart in any way. It doesn't try to discern whether something is actually a threat. It just throws up a prompt about something that might conceivably be exploited. It also doesn't ever relax. You could click the System Control Panel (also called Advanced System Settings in some areas of Vista) 75 times in a row, and it would prompt you with the statement "Windows needs your permission to continue" every time. So basically, it adds an extra click to the process of accessing this tool.

There is nothing inherently wrong with this approach, which has been used by other operating systems before. It's not a new idea, and it's not a bad idea. But the devil is in the details of how it's implemented. As a Johnny-come-relatively-lately to the security bandwagon, Microsoft has embraced security principles fervently. What that means is that, if there's even a small chance that opening a settings dialog box, starting up an applet, or running an installation program could present even a slight security risk, Windows Vista is going to prompt you with some sort of UAC dialog box asking for permission to proceed.

This is a short list of just a few of the processes that require confirmation to initiate:

-- Opening Disk Defragmenter, System Restore, Task Scheduler or Windows Easy Transfer