After the previous UAC security issue in Windows 7, here's another exploit which allows an unprivileged program to perform arbitrary privileged operations without prompting:
http://www.pretentiousname.com/misc/win7_uac_whitelist2.html
Microsoft would no doubt say the same as before, that...