Nobody has to say "let's make this insecure" to have deliberately made the OS insecure. Take 98 for example. A security consious user turns on the "Show all extensions setting", and yet, several extensions remain hidden anyway. This turns out to include the dot ess aitch ess extension, meaning shell handling script. Actually making the extension visible takes a registry hack. So MS has given you a control that apperently has some utility as a security setting, then the control doesn't do what it says. Either the person writing the file settings code didn't know that the individual registry settings would override his code (unlikely), or he knew he was oversimplifying by saying all, but didn't want to say "except for some MS wants to keep hidden". Point is someone at some level decided that a scripting extension was among those that needed to be kept hidden. That's certainly a deliberate anti-security choice.
Nobody has to say "let's make this insecure" to have deliberately made the OS insecure. Take 98 for example. A security consious user turns on the "Show all extensions setting", and yet, several extensions remain hidden anyway. This turns out to include the dot ess aitch ess extension, meaning shell handling script. Actually making the extension visible takes a registry hack. So MS has given you a control that apperently has some utility as a security setting, then the control doesn't do what it says. Either the person writing the file settings code didn't know that the individual registry settings would override his code (unlikely), or he knew he was oversimplifying by saying all, but didn't want to say "except for some MS wants to keep hidden". Point is someone at some level decided that a scripting extension was among those that needed to be kept hidden. That's certainly a deliberate anti-security choice.