A security researcher from Tenable, Inc. recently discovered that it is possible to bypass Windows’ User Account Control (UAC) by spoofing the execution path of a file in a trusted directory.
http://feedproxy.google.com/~r/Securityweek/~3/xwK42jzeEAw/researcher-bypasses-windows-uac-spoofing-trusted-directory