I only skimmed the various articles you've linked so you must forgive me, or not I don't really care, for asking for some direction/clarification.
Am I right in my thinking that this "UAC" "exploit" only works for a user logged in to an account with administrator privileges?
Well, with `sudo' the administrators have finer control over who can do what. (Or can you really use "UAC" to give specific non-privileged users "Program Files" installation rights but not other users?)UAC is basically the same as sudo on UNIX.