[sevry]

I could be wrong. But it seems to me that any attempt to read or write to a disk sector, or to read or write through a communication port, has to at some point go through the OS; particularly Windows which years ago promoted itself on the basis of reducing everything to drivers and channels.

Why can't Windows catch or challenge a process instance at that point? It might add overhead, sure. But processors are fast, and the recently approved instances could be stacked for quick reference in each session. Part of the challenge for communication might simply to be to see if the address is 'spoofed'. But much else could also be checked.

Of course, part of reason that many suggest for other OS being more stable is that Windows is so popular. So the bomb makers who create these things want to break Windows, not any competitor. I still see no reason why that 'price of success' prevents M$ for doing something suggested above.

[ShadowAce]

The reason Linux remains rarely attacked, is not due to popularity (or lack thereof--that's a whole 'nother issue), but for the reason you just gave.

Linux prevents or allows reading/writing to disk based on the user running at that time. Since most people don't run as root most of the time, access to system-level files and directories is usually prohibited.

As a result, virii cannot proliferate as easily in that environment.