'AccountManagement.User.Modify' is the permission that allows you to edit a user's details. If you aren't given this permission you can still access the account details as this is a different permission.
However... if you don't have the modify permission and you attempt to edit user details you will get the warning "User doesn't have one or all of these permissions ('AccountManagement.User.Modify')." at the top of the window but the problem is that it still saves the changes.
This is similar to the issue with a page with the 'allow user personalization' setting enabled e.g. add a web part etc. If they view the properties of the page they are able to make changes e.g. to the tab name, whether or not it is enabled, the template etc. If they click save a similar message to the one above is displayed but the changes are still saved!
I had the situation where users were changing the name of my tabs to some rather rude (but also humourous) titles. The only solution was to take away their abilitly to do user personalization.
I don't know if this is plugged in 7.1 but it isn't in the release notes.
Edit: I reported both of these to Symantec via my partner some time ago.
Ryan