Editing Windows 9x (section)

====Security====
Windows 9x is designed as a single-user system. Thus, the security model is much less effective than the one in Windows NT. One reason for this is the [[File Allocation Table|FAT]] [[file system]]s (including FAT12/FAT16/FAT32), which are the only ones that Windows 9x supports officially, though Windows NT also supports FAT12 and FAT16 (but not FAT32; which wouldn’t be supported until Windows 2000) and Windows 9x can be extended to read and write NTFS volumes using third-party [[Installable File System]] drivers. FAT systems have very limited security; every user that has access to a FAT drive also has access to all files on that drive. The FAT file systems provide no [[access control list]]s and [[Encrypting File System|file-system level encryption]] like [[NTFS]].<ref>{{Cite web|url=http://www.theeldergeek.com/ntfs_or_fat32_file_system.htm|title=FAT32 or NTFS: Making the Choice|website=The Elder Geek|archive-url=https://archive.today/20120527005344/http://www.theeldergeek.com/ntfs_or_fat32_file_system.htm|archive-date=May 27, 2012|url-status=dead|access-date=April 22, 2019}}</ref>

Some operating systems that were available at the same time as Windows 9x are either [[multi-user]] or have multiple user accounts with different access privileges, which allows important system files (such as the kernel image) to be immutable under most user accounts. In contrast, while Windows 95 and later operating systems offer the option of having profiles for multiple users, they have no concept of access privileges, making them roughly equivalent to a single-user, single-account operating system; this means that all [[Process (computing)|processes]] can modify all files on the system that aren't open, in addition to being able to modify the boot sector and perform other low-level hard drive modifications. This enables viruses and other clandestinely installed software to integrate themselves with the operating system in a way that is difficult for ordinary users to detect or undo. The profile support in the Windows 9x family is meant for convenience only; unless some registry keys are modified, the system can be accessed by pressing "Cancel" at login, even if all profiles have a password.  Windows 95's default login dialog box also allows new user profiles to be created without having to log in first.

Users and software can render the operating system unable to function by deleting or overwriting important system files from the hard disk. Users and software are also free to change configuration files in such a way that the operating system is unable to boot or properly function. This phenomenon is not exclusive to Windows 9x; many other operating systems are also susceptible to these vulnerabilities, either by viruses, malware or by the user’s consent.

Installation software often replaced and deleted system files without properly checking if the file was still in use or of a newer version. This created a phenomenon often referred to as [[DLL hell]]. Windows Me introduced [[System File Protection]] and [[System Restore]] to handle common problems caused by this issue.