Why if there's a (new) Windows bug, it often allows anyone to take over control of your PC?

Shouldn't it be, per default, that if there's a bug, the whole program is caught in a sandbox or is just terminated? Security is even more important than stability, so even a terminated program is better than to allow a buggy unsecure program to continue to run.





Is it a problem because Windows isn't build up in independant modules like Linux?


Is it because Windows software is closed source, so that no 3rd party can check for errors?


Is it because there are generally running too much backgroundprocesses/services?


Is it a combination of those, or is there another big factor?





Why is it that, after the big increase of Vista usage in the Netherlands, suddenly the number of botnetted PC's also increased big? Is it because Vista is less secure than XP?


Maybe they paid too much attention to lock in strategies and eyecandy instead of security?





When is this big Windows mess f-i-n-a-l-l-y gonna end??Why if there's a (new) Windows bug, it often allows anyone to take over control of your PC?
If someone can trigger a buffer overflow in a program or process they can gain access outside of the program. In linux everything by default runs with limited permissions so there is nothing anyone can really do. In linux you have to SUDO yourself permissions, In windows everyone is very lazy and just runs with Full Admin privileges so all processes have full system access.