
and (until W7) it was pretty much the default for users to run as admin, or for their "account" (such as it is, MS has seemingly only recently discovered the idea of multiple users and privilege separation) to have admin privs so everything the user ran automatically had admin privs without even needing to exploit a security hole.
the easiness is partly due to software flaws in the various versions of windows and partly due to users doing stupid things....and those stupid things are encouraged by the countless irritating popups saying "are you sure you want to run that?" which desensitise users to security issues and teach them to Just Click Yes every single time.
i've been messing around with W7 recently and, while it's vastly superior to previous versions of windows (even to the point that i don't actually hate it :-) it's still bloody annoying. there are constant hassles and obstacles for everything you might want to do, it seems that every program you install or want to run involves some long and tedious digression finding and installing a bunch of other things or creating an account on some service. you can't even play some *single-player* games on it without having to sign up for yet another bloody online service. All this crap trains users to, as i said, Just Click Yes - i.e. "i don't want to have to care about signing up for xbox live (or whatever) - i don't even know or care what it is, i just want to get through this crap ASAP so i can play the game...so click, click, click as quickly as possible".
This isn't purely Microsoft's fault though. With NT they could have just said "users shall not run with admin privileges. Any application requiring this will not work", but they needed to support applications from 3.x, 95, etc which loved to stomp all over the system. The problem with taking the coward's way out though is, as you say above, we still have a billion crappy applications that simply won't run without having administrative rights (I'm looking at you MYOB). The funny thing is that they have implemented those popups in the server version of windows 7 (2008R2). If I ever log into a 2008R2 machine it's because I need to install something or change a setting somewhere. I don't need obstacles placed in my way. Trying to change permissions on a folder requires a stupid number of clicks and acknowledgement of warnings. Ditto for sudo on my linux servers - if I ever log in it's because I'll be making changes.
and this is the 'flaw' that Microsoft is trying to fix.
lots of people, probably the bulk of our species, are stupid. that's an unfixable flaw.
Doesn't stop Microsoft from trying...
and i doubt very much if Microsoft are 'trying to fix' anything - they've just found a handy excuse to justify attempting to get the same kind of lock-in and control that Apple has over their users.
I think Microsoft's mistake is trying to fix stupidity/gullibility with a patch.
I don't think it's a mistake on Microsoft's part. I think it's a convenient excuse for them to copy Apple's lock-in methods.
I think it's a little bit of both. Armies of botnets are a thorn in Microsoft's side that they'd love to get rid of. Bootsector rootkits are really hard to get rid of for the average user, so never letting them get installed in the first place (or failing to boot when they do get installed) is a great idea. Unfortunately Microsoft are kidding themselves if they think the bad guys won't find a way around it - it's just another escalation in the battle between good[1] and evil and the rest of us are just collateral damage.
James
[1] I'm only labelling Microsoft 'good' in comparison to the malware guys :)