That's it? Really, that ONLY it?
Under Windows Vista, no issue regarding writing to INI files occured: File System Virtualization automatically kicked in and the INI files were redirected outside Program Files folder. (And by the way, even on Vista I don't get a UAC popup because in Vista too, I run under a Standard User Account.) On Windows XP, I forsaw this issue and granted write permisions on .INI and .CFG files to Authenticated Users group.
As for you and me hearing about a trojan taking advantage of something, I won't wait for that. Because (1) viruses infect any EXE thing, exploitable or not if you give unnecessary admin permissions; besides, (2) when we hear such news as a malware taking advantage of something, the said malware has already affected thousand; finally, (3) every application, exploitable or not, which do not really need administrative privileges must act like a good citizen and do not request privileges of a president. This is law. Make FF7 an exception and tommorow you'll find yourself making every pig.exe, dick.bat, tom.com, harry.js an exception.