If M$ Windows had the security architecture that Linux has, i.e., running as standard user and requiring a password to borrow from root to perform administrative tasks, there would have been no need for HIPS software. The first account that M$ Windows creates is a Computer Administrator account, equivalent to root in Linux. That is why HIPS software, e.g., Comodo Defense+, acts as a band-aid to protect critical Windows resources. Had M$ Windows set the first account as Limited/Standard User and required a password to borrow from Computer Administrator, there would have been no need for third-party HIPS because IMHO requiring a password to borrow from Computer Administrator/root is an internal HIPS, i.e., intrusions are prevented until the password is entered. Sure, Windows Vista and Windows 7 have UAC to mimic what Linux is doing, but what about those folks still on Windows XP? To upgrade to Windows Vista or Windows 7, you have to actually buy the software to perform the upgrade. Getting Comodo Defense+ OTOH is absolutely free. M$ should have implemented UAC right from the start. That way, no one would have gotten infected with malware and everyone would understand and be accustomed to the security afforded by UAC. Now, folks on Vista and 7 who turn off UAC are doing so because they are not accustomed to always confirming admin tasks and are skeptical about the security afforded by UAC.