The built-in administrator isn't really different, from an operational
standpoint, than any other admin account -- other than there being no UAC
prompt (AFAIK) when you do something that requires elevated privileges. That,
in and of itself, is a good reason to leave the account deactivated.
It may be true that a malicious person might find a way to disable the other
admin accounts so that s/he could reboot and gain access to the system
through the password-less Administrator account. (Just booting to Safe Mode
with even one other admin account still viable will NOT get you the ability
to log in as Administrator.) But, if you think about it, the only effective
way to do that would be to already have logged in as an admin or to boot with
an alternative OS (on CD/DVD, other drive, etc.) in order to damage those
accounts. In either case, the person already has had access to everything
anyway.
You really can't protect a system from a determined, knowledgeable person
who already has had access to the system as an admin. The passwordless
Administrator account which only becomes available when all other admin
accounts fail can make life a lot easier for tech support people. (No more
forgotten passwords.) I imagine that this was a prime motivating factor in
the way Microsoft designed this feature.
BTW, I did activate my Administrator account temporarily on my Vista systems
-- just long enough to put a really nasty password on it. Then I deactivated
the accounts on all Vista machines. But that was before I had thought my way
through the way the feature works. Not sure that it matters, anyway. I use a
BIOS startup password and take all drives but the primary hard drive out of
the boot sequence on my critical systems. The drive is encrypted through the
BIOS, so moving it to another system won't gain admittance to the data on it.
But those precautions are, I think, pretty extreme and more than most people
want or need.
Regarding the actual question in your original post, if your version of
Vista has a policy editor you can open compmgmt.msc and look under Local
Users and Computers to confirm that the Administrator account does, indeed,
exist. But the account doesn't show up in "control userpasswords2" -- unless
it has been activated.