Leave UAC enabled on 2008?
I am looking for more reasons for keeping UAC enabled for windows 2008. How effective has UAC actually been for securing systems? What about the argument that "If you run as administrator then you are bypassing UAC so why do you need it enabled?" Is UAC more effective for desktops than servers? Any specific examples of worms or virus that have been stopped with UAC? Thanks
November 16th, 2010 12:35pm

This is not always going to be the answer. Not everyone's needs for features and security are the same, hence the ability exists to turn it off. Personally I would recommend you to make use of it. Whenever you need to configure a Windows Server 2008 setting, even if you are logged on as the administrator, you need elevated privileges. This is by design, and part of the fierce security initiative in Windows Server 2008. When an administrator logs on to a computer running Windows 2008 or Vista, the user is assigned two separate access tokens. Access tokens, which contain a user's group membership and authorization and access control data, are used by Windows® to control what resources and tasks the user can access. Before Windows Vista, an administrator account received only one access token, which included data to grant the user access to all Windows resources. This access control model did not include any failsafe checks to ensure that users truly wanted to perform a task that required their administrative access token. As a result, malicious software could install on users' computers without notifying the users. (This is sometimes referred to as "silent" installation.) Even more damaging, because the user is an administrator, the malicious software could use the administrator's access control data to infect core operating system files and, in some instances, to become nearly impossible to remove. The primary difference between a standard user and an administrator in Windows Vista is the level of access the user has over core, protected areas of the computer. Administrators can change system state, turn off the firewall, configure security policy, install a service or a driver that affects every user on the computer, and install software for the entire computer. Standard users cannot perform these tasks and can only install per-user software.
To help prevent malicious software from silently installing and causing computer-wide infection, Microsoft developed the UAC feature. Unlike previous versions of Windows, when an administrator logs on to a computer running Windows Vista, the user's full administrator access token is split into two access tokens: a full administrator access token and a standard user access token. During the logon process, authorization and access control components that identify an administrator are removed, resulting in a standard user access token. The standard user access token is then used to start the desktop, the Explorer.exe process. Because all applications inherit their access control data from the initial launch of the desktop, they all run as a standard user as well. After an administrator logs on, the full administrator access token is not invoked until the user attempts to perform an administrative task. Contrasting with this process, when a standard user logs on, only a standard user access token is created. This standard user access token is then used to start the desktop.
Source: http://technet.microsoft.com/en-us/library/cc709691%28WS.10%29.aspx
Similar thread that may help: Windows 2008 - Must disable UAC, http://social.technet.microsoft.com/Forums/en-US/exchangesvrdeploy/thread/e6514654-8479-46d3-aa66-8baa3d13b6a8/
"UAC - What. How. Why." (video); "Security Features vs. Convenience", Windows Vista Team Blog
November 16th, 2010 1:50pm
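As an added example, not taken from the thread or from Microsoft's documentation, the PowerShell script below shows the split-token behaviour the answer describes on a live machine: it reads the real UAC policy values under the Policies\System registry key and reports which of the two tokens the current process is running with. The function names and output field names are chosen here for illustration; it is written against PowerShell 2.0 so it also runs on Windows Server 2008.

```powershell
# Added example (not from the thread): report the UAC policy of this machine
# and whether the current process holds the full or the filtered admin token.
# Registry value names are the real UAC policy values; the function and field
# names below are illustrative.

function Get-UacStatus {
    $key    = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $policy = Get-ItemProperty -Path $key

    # BUILTIN\Administrators membership is only effective on the full token.
    # On the filtered (standard user) token the group is still present but
    # flagged deny-only, so IsInRole returns $false even for an administrator.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    $elevated  = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)

    # whoami /groups prints that deny-only attribute explicitly (English text;
    # a localized system prints it in the system language). A hit means the
    # logon produced a split token, i.e. Admin Approval Mode applies to this account.
    $denyOnlyAdmin = @(whoami /groups | Where-Object {
        $_ -match 'S-1-5-32-544' -and $_ -match 'deny only' }).Count -gt 0

    New-Object PSObject -Property @{
        # EnableLUA = 1 means UAC is on; 0 means every admin logon gets one full token.
        UacEnabled            = ($policy.EnableLUA -eq 1)
        # 0 = elevate without prompting (the "silent" case the answer warns about),
        # 2 = prompt for consent on the secure desktop,
        # 5 = prompt only for non-Windows binaries (Windows 7 / 2008 R2 default).
        AdminPromptBehavior   = $policy.ConsentPromptBehaviorAdmin
        PromptOnSecureDesktop = ($policy.PromptOnSecureDesktop -eq 1)
        # The built-in Administrator account is exempt from the token split
        # unless FilterAdministratorToken = 1; this is the "run as administrator
        # so UAC does nothing" situation from the question.
        BuiltInAdminFiltered  = ($policy.FilterAdministratorToken -eq 1)
        ProcessIsElevated     = $elevated
        SessionHasSplitToken  = $denyOnlyAdmin
    }
}

function Start-ElevatedCommand {
    # Relaunch a command with the full token. With UAC on, -Verb RunAs is the
    # point at which the consent prompt appears; with UAC off the same call
    # simply runs with full administrator rights and no prompt.
    param([Parameter(Mandatory = $true)][string]$Command)
    if ((Get-UacStatus).ProcessIsElevated) {
        & powershell.exe -NoProfile -Command $Command
    } else {
        Start-Process powershell.exe -Verb RunAs -ArgumentList "-NoProfile -Command $Command"
    }
}

Get-UacStatus | Format-List
```

Run it once from a normal shell and once from a shell started with "Run as administrator": in the first case SessionHasSplitToken is true and ProcessIsElevated is false, which is exactly the filtered token the answer describes; in the second both are true. If AdminPromptBehavior is 0 or BuiltInAdminFiltered is false while UacEnabled is true, the machine still has UAC on but is running the cases where elevation happens without any consent, which is the configuration to review before arguing that UAC adds nothing on a server.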

