In message , John
Rumm writes

Versions of windows in the 9x line (i.e. 95, 98, ME) don't support any
of these concepts. Anyone sat in front of the computer has complete
control over it. Hence any application they run also has free reign.

Versions of windows in the NT Line (NT3.5 - 4.0, Win2K, WinXP, Win
Server 2003), however do support these concepts. They have a root
account that is by default called "administrator". A well setup system
can be orgainised in exactly the same way as the typical *nix system.

However there is a cultural difference. Very few of the people now
using these systems are instructed to create themselves a less
privileged account to use for day to day activities. Microsoft don't
shout it from the roof tops, even though they know it to be a good
thing. In the case of Windows XP Home Edition, they even hide the fact
that these capabilities exist, and hence you automatically end up doing
everything with administrator privilege. Presumably this is because
they feel these concepts would add complexity for the user, especially
the one who has graduated from the Win98 system, and is used to being
able to install what they want, when they want, without giving it a
second thought. However by allowing them to use the system without
having to lean some of these security fundamentals, they lay them open
to all sorts of future problems.

Another factor is that many Windows-only software writers don't really
understand permissions, and some software (even when 'designed' for XP)
will not run without administrator permissions. Indeed,
Microsoft-trained professionals have been known to advise that users be
given admin privileges on workstations on Small Business Server
networks, to make SBS itself run properly.
--
Joe