6 points
This is also MS’s fault because they never provided a proper API for security products like MacOS, so they end up having to run them all inside the kernel.
The reason for this omission was to give a competitive advantage to their own security products while also being cheaper.