At least Windows now makes the UAC dialog distinct from the rest of the OS and any other Window. macOS (and most linux DEs too) just look like any other application dialog, easily spoofed.
UAC on Windows opens up on the secure desktop, which is isolated in protected memory and not accessible to other processes. It's also visually distinct, hiding all other UI elements, and nothing else can present the actual secure desktop, only UAC can. Granted, I've seen some fairly convincing looking fake prompts (that regular users would fall for) but to me they were still obviously fake, and they were unable to hide all UI elements like UAC does.
The secure desktop for UAC is also supposed to help prevent cursor offsets and other attacks (replacing the system cursor with fake one that shows as if it's over the "no" button but is actually going to click on "yes").
macOS could really use something like that for it's prompts, and I don't know why any other OS hasn't implemented something like UAC's secure desktop.
The most important feature of the secure desktop is one that is rarely ever mentioned: you can hit CTRL+ALT+DELETE on a real UAC prompt. This is something similar Linux prompts lack (as Linux lacks a similar privileged shortcut sequence); GNOME has full-screen, top-level, UAC-like prompts for PolKit and sudo, but it's hard to figure out if it's real or a fullscreen application.
There are ways to avoid the CTRL+ALT+DELETE safeguard, but it's a lot harder than it is to spoof a password prompt that looks like the OS one. It's kind of unfortunate that KDE went with the macOS/Windows XP approach rather than doing what Windows does.
