Two Princeton researchers say the likes of AOL/Adobe could do a better job
According to two Princeton University researchers, many popular applications in the Windows world make changes to the operating system that could open the door to various attacks. They named AOL Instant Messenger and Photoshop as two culprits that suffer from some badly-written code, though the companies responsible for both have since fixed the vulnerabilities that Govindavajhala and his co-author Andrew Appel discovered.
Another Princeton computer scientist who is familiar with the paper said that the research shows just how widespread these "privilege escalation" problems really are.
"For the average user, it's a reminder that software applications can open security holes and that application vendors do make mistakes that can cause risks for users," says Ed Felten, a professor of computer science and public affairs. "No application should be considered completely safe."
While it was mentioned that none of these vulnerabilities are exploitable over the Internet (they require local access to the machine), it just goes to show that even a diligent Windows user who regularly installs updates and is careful about crapware is really at the mercy of the applications that they use.
I'm willing to put money on the fact that these vulnerabilities are all centered around the bloated and useless start-up items that every application and its mother wants to install, that usually run with Administrator privileges. You know which ones I'm talking about ... you have a virgin installation of Windows, and after installing your usual set of applications, RAM usage is double that of before the applications were installed, you've got 12 new items in the system tray, and 24 new processes in the Processes tab.
Developers need to clean up their act. We don't want your stupid start-up items. They're useless. They slow down our computers. Get rid of them.