More and more security holes on Windows are coming in the form of attacks on third party products. This doesn't surprise me, since that's a pretty logical target because Windows makes users run their accounts with full administrator privileges. That's because for years, software developers wrote code for Windows which simply assumed that there were no restrictions on the user's behavior. The result of this was that data and settings got written all over the place, and now the cat's out of the bag; it's quite possibly too late to make big developers adopt good habits for Windows development.
Cases like the nVidia driver that caused a significant portion of the Windows Vista crash problems, also serve to illustrate how much damage third party software can do to an operating system. It's all well and good to say "it shouldn't be allowed to happen," but when code runs without restrictions because the user is running it as an administrator, or it's being run as a kernel module, that's easier said than done.
Cases like the nVidia driver that caused a significant portion of the Windows Vista crash problems, also serve to illustrate how much damage third party software can do to an operating system. It's all well and good to say "it shouldn't be allowed to happen," but when code runs without restrictions because the user is running it as an administrator, or it's being run as a kernel module, that's easier said than done.
Related Entries:
- Should system administrators be criminally liable for defending passwords too aggressively?
- The dangers of counterfeit hardware
- Random links
- Interesting links and news
- Completely unacceptable
- How Microsoft proves that markets usually work better than regulation
- I'm starting on a transition
- Google's Android is not off to a good start
- Random thoughts
- Taking one for The One
Dead right about the nVidia drivers. One of the most recent ones was an absolute disaster and caused me to have to go back to a former version on my Vista machine. BSODs aplenty.