@Gargron On the fly patching is possible on Windows because there’s no security model to prevent it. On all major Linux distros for example, packages are cryptographically signed so manipulations would be detected. It’s so secure that most repositories don’t even bother using transport encryption (they use plain HTTP). Meanwhile on Windows it’s normal to run an unsigned installer from a third party source which could be infected without you knowing. 🤷🏻‍♀️