These are not the security holes you are looking for
While these newly discovered vulnerabilities are interesting, you need only look at the change in attack vector by viruses in the wild to realise the depth of change related to windows security in recent years.
Long gone are the days of the of the blaster/sasser worms. Even the dreaded conficker worm uses a combination of social engineering and brute force dictionary attacks.
And the drive-by web based attacks rely on exploiting vulnerabilities in commonly installed software like Acrobat, not the OS itself. There in lies the rub.
All the current security issues on the Windows platform can be laid squarly at the feet of badly written 3rd party software.
It all started when MS ditched the home market DOS based OS and consolidated on the NT platform with XP. Prior to this, people who wrote software for the NT platform understood that it was a network based OS with tightly regimented ACLs, and if they didn't take this into account, their software would not work.
Then came the flood of script kiddies, DOS programmers, and beard-stroking old-school Unix zealots, who refused to comply with the windows security model, making it so diffucult to run as a limited user we have to run as admins, giving anything we double-click on full rights to the entire OS.
"Program Files? that has a space in it, and would require some improvement in my programming skills. I'll just install in the root of C:"
"Windows registry? Looks complex. I'll just write back to config files in my install directory"
The net result is that as a sysadmin, you spend days tightly locking down your windows environment, and then weeks punching dirty great holes in it again to get badly written software working. No wonder you're average home user is vulnerable, They've been conditioned into thinking that every bit of software out there needs direct kernel access and sufficient rights to re-partition your hard disk, just so it can self-update.
Firefox behaves like a virus, trying to write-back to its program folder when updating (instead of using an installed service). I've seen Google Chrome install itself into the users profile folder before! Don't think the open source crowd do any better. The first thing that happens when you launch GIMP, is it does a great steaming dump all over your user profile. You'd think by the way these programs behaved the coders had never actually seen a windows computer before in their life.
When these 3rd party programs finally start using the now decade old, well documented windows security model, then so can we! On that day, we will be genuinely worried by the UAC pop-up, rather that just assuming it's Mozillas crappy updating routine.
Biting the hand that feeds IT
