Not a MS fan anymore, but they have definitely not placed security behind ease-of-use, in fact, many would argue that the increased amounts of security have made it very user unfriendly in many cases. IE7 is not a bolt, it's more like a standalone product that has the option of being bolted unto the OS. So while it takes advantage of Vista, it is far from being tied into the OS the way IE6 was.

We don't have to like MS or be receptive to their software, but FUDD is FUDD, and misinformation has no place.

As far as Symantec goes, I've long since moved unto other offerings. The company stopped focusing on their customers years ago and has continously done just enough to be thought of as secure while doing very little to further real security for end users.

Funny a recent review I saw in PCplus still showed very weak security. Default user has full admin access for example.
Still trying to remember when XP has asked for the admin password and username for updates. Never has unlike Linux for example. Still I can imagine our helpdesk phones going crazy. I need an admin password to install this software package.
Anyway the weak link is the end user how many would put in the admin password if a rogue program poped up and asked for it. A lot.
Anyway using nod32 at the moment on trial. Very impressed with it so far.

The PIT; An XP box running a User Account is every bit, if not more secure than a Linux machine. Microsoft cannot be blamed for people running as Administrators, any more than your distro of choice having a Root Account, and that is that.

In the real world, business machines running Windows are on a Domain, and if they are setup correctly, do not have to have a local administrator account (or any other local accounts) on those machines at all.

True, Microsoft sets users up by default as administrators on HOME COMPUTERS, but the reason for this is mostly to allow poorly written software (Most 3rd. Party Games, many 3rd. Party Media Players, and even Mozilla Thunderbird up until just recently) to function correctly; this is caused by developers not following APIs. You yourself noted that most people would go batshit crazy if they had to enter in the Root Account password everytime they had to install a piece of software or modify a system setting.

However, there is a legitimate beef with IE6: it DOES run with many System-level dependencies, regardless of the user rights of the account which executed the program which makes IE6 fairly easy to exploit.

IE 7 fixes this, in a big way.

Back On Topic.

Very weak would be anexaggeration. It's not on par with Linux by any means, though it is far more of an annoyance in regards to authentication prompts.

Referring to Vista by the way, not XP, which was written during a time when MS wasn't as concerned about security for the Home user.

Vista b1 was very annoying
b2 has better security but is loess annoying with the security prompts.
users don't have complete admin priveleges, i tried to do something today and was told i didn't have enough priveleges to do so