More and more security holes on Windows are coming in the form of attacks on third party products. This doesn't surprise me, since that's a pretty logical target because Windows makes users run their accounts with full administrator privileges. That's because for years, software developers wrote code for Windows which simply assumed that there were no restrictions on the user's behavior. The result of this was that data and settings got written all over the place, and now the cat's out of the bag; it's quite possibly too late to make big developers adopt good habits for Windows development.
Cases like the nVidia driver that caused a significant portion of the Windows Vista crash problems, also serve to illustrate how much damage third party software can do to an operating system. It's all well and good to say "it shouldn't be allowed to happen," but when code runs without restrictions because the user is running it as an administrator, or it's being run as a kernel module, that's easier said than done.
Cases like the nVidia driver that caused a significant portion of the Windows Vista crash problems, also serve to illustrate how much damage third party software can do to an operating system. It's all well and good to say "it shouldn't be allowed to happen," but when code runs without restrictions because the user is running it as an administrator, or it's being run as a kernel module, that's easier said than done.
Dead right about the nVidia drivers. One of the most recent ones was an absolute disaster and caused me to have to go back to a former version on my Vista machine. BSODs aplenty.