You may have heard of this security bug involving Razer gaming mice <https://arstechnica.com/information-technology/2021/08/need-to-get-root-on-a-windows-box-plug-in-a-razer-gaming-mouse/>. Basically, when you plug such a mouse into a Windows system, it automatically downloads and runs an installer “wizard”, which opens a File Explorer window to let you choose where to actually put the additional software. However, this File Explorer instance is running with full admin privileges, without the user’s prior knowledge or consent. How does this happen? Because the buggy version of the installer has been accepted as part of Microsoft’s “Windows Catalog”, which means your Windows installation trusts it with extra privileges purely on Microsoft’s say so. As if we needed another reminder that, with a proprietary OS, you are never really in control of your own systems ...