The Windows Task Manager can make you cry
On my Windows 7 Pro workstation, I have the following dozen instances of SVCHOST.EXE. Here's a list of Windows services that each instance is responsible for:
svchost.exe -- Power, PlugPlay, DcomLaunch
svchost.exe -- RpcSs, RpcEptMapper
svchost.exe -- Wscsvc, LMhosts, Eventlog, DHCP, Audiosrv
svchost.exe -- wudfsvc, UxSms, WmRdpService, TrkWks, SysMain, PCASvc, Netman, HIDServ, CscService, AudioEndpointBuilder
svchost.exe -- WuAuServ, WinMgmt, Themes, ShellHWDetection, SessionEnv, SENS, Schedule, ProfSvc, MMCSS, LanmanServer, IPHlpSvc, IKEEXT, GPSvc, CertPropSvc, Browser, BITS, AppMgmt
svchost.exe -- WdiServiceHost, W32Time, nsi, NetProfm, fdPHost, EventSystem
svchost.exe -- TermService, NlaSvc, LanmanWorkstation, DNSCache, CryptSvc
svchost.exe -- MpsSvc, DPS, BFE
svchost.exe -- StiSvc
svchost.exe -- PolicyAgent
svchost.exe -- WCNSvc, SSDPSrv
svchost.exe -- WinDefend
If this *ONE* *FILE* got infected by a virus, can you even imagine the damage it could do?
ONE .exe file is responsible for everything from secure IP communications to drawing the stupid glass transparency effect on my windows.
Even better, each "group" up there is running as a SINGLE PROCESS. *face-palm*
That's a stupid, stupid, HORRIBLE idea. It would be, even if those processes were running as an unprivileged user account. But they're not! Oh, no, it gets better! That one file is running as "SYSTEM", "LOCAL SERVICE", and "NETWORK SERVICE". Yeah. Free access to the whole disk and the whole network stack. Bitchin'!
The nice, warm, cozy feelings I get when I realize this exact same architecture is used on the US Defense Dept.'s servers.... Fills me with joy, sirs.
The Windows Kernel may (or may not) be secure. Everything running on top of it is a horrible, ugly, rotten mess. But hey! It's #1 for a reason, right?
We use Microsoft products because we bought an enterprise agreement, which we bought because we use Microsoft products.
I will never understand business mentality.
