Thanks. That makes sense, at least to me.I think it's under this sentence: "If malware is running in your split-token account you've given it Administrator access. In the worst case all it takes is patience, waiting for you to elevate once for any reason. Once you've done that you're screwed."
If you switch to another account the malware cannot use the elevation (it's another account... I don't know if I'm clear, it's not really clear for me too !)
Help @Umbra !
The problem, is that it's braking the superb usability of the uac
I have UAC set high, and I get a UAC prompt every time I do something as simple as run a Macrium Reflect backup job. So it sounds like UAC is a waste of time for me, because I often need to enter my admin pin.