Pasting a random article from 2007 with no other comment is not a great rebuttal of what they said.

A _lot_ has changed since 2007.

I'm pretty sure the fact that it's not a security boundary has not changed since 2007. They should've probably marketed it better to clarify this, but that's not a technical issue. It was always a horrible idea to run a malicious program under your credentials relying on UAC to enforce any security. That's never changed.