Yes, the Vista Security Demo video is well worth a watch too. The Go Bananas
demo is a great example of why you don't want to use administrative
privileges for day-to-day stuff. Especially when you consider that even
ActiveX controls (which aren't even full-blown apps) run with the
permissions of whatever user account you're in at the moment.
Of course in Vista you'd still have to elevate to let that Go Bananas thing
turn off your firewall. Because admins run with standard privileges. The
only difference is that you don't have to enter an admin password to elevate
when you're running in an admin account. In a standard account you have to
enter an admin password to elevate. This is how parents (admins) can control
their kids (standard users) computer use in a home environment.
