I thought Kasperski WAS a trojan when it popped up on a borrowed machine./ Had a hell of a time scrubbing it off.

In failing to build in properly-enforced privilege separation from the ground up, Microsoft did an extreme disservice to Windows users. Now it's coming back to bite them good and hard.

Developers of legitimate applications have been relying for all these years on the very features which make Windows insecure to make their applications work. Now, it's very tempting just to call that bad programming -- after all, nobody would ever get away with writing Unix applications that required root access.

If Microsoft released an updated version of Windows that included security designed in from the ground up rather than a tacked on as a bit of an afterthought, this would inevitably break compatibility for a lot of legacy applications.

And if legacy application breakage is unavoidable anyway, then why should anyone looking to purchase an operating system stick with Microsoft and their vendor lock-in, when they could use the opportunity to end all the badness in one fell swoop -- i.e. pay some third party to install an Open Source Operating System and common applications across the board, recode equivalents for their legacy Windows applications (and, crucially, hand over the Source Code this time) and arrange for retraining of staff?

Since any application for which the Source Code is available can be persuaded to run on Windows, it would not even be totally unfeasible to let the option remain for workers to install Windows -- at their own expense and without in-house IT support. The cost might well be enough to put them off.