I don't believe I've seen this mentioned elsewhere so listen up friends!
In the microsoft.public.platformsdk.msi newsgroup, Antti Nivala recently posted a thread talking about a problem running an EXE Type 3074 custom action on Vista. Antti figured out that the CA was failing because it wasn't being granted the SeBackupPrivilege and that a call to AdjustTokenPrivileges would not yield the expected power that was previously available on Windows XP.
The part that caught my eye though was Antti said this was happening even with UAC turned off. Now HOW could that be?
The answer was revealed to me in this Microsoft Document. It seems that on Vista a service can be configured to run as LocalSystem and yet also be configured to run with a reduced subset of rights. A quick peek at the registry showed that MsiServer is configured with the following rights:
I'm suspecting that this is a defect in the MSI 4.0 in Vista.