WER was actually invented to find new exploits in software, especially programming errors that provide admin access; info to sell for huge profit.
No offense my friend but there are so many wrongs in this phrase alone... I don't know where to begin with.
1. Even today there is no software that can find exploits on other software automatically... If it did exist. all hackers would be useless since this is the reason they live.
2. Getting admin access is not so hard if one doesn't take care of the hardware locks also, and so no, it doesn't have huge profits at all. Especially back then, without Secure boot and UEFI, all you needed was a dos boot disk and to know which file to edit. Just google for windows admin access and you will get millions of results.
3. I could go more with the MS sells to who exactly and what do you think is profit for MS, a 2 TRILLION dollar company? Do you think they care to sell an exploit for $1000 or $10 000 when they actually pay 10 times that to learn for new exploits (bug hunt programs)?
Please we all need to understand something. A secure PC is 50% software and 50% hardware. By hardware we mean, enabling Secure boot, and UEFI mode instead of legacy mode, and having a decent bios password. Restric USB/Network boot. By software we mean decent Admin Password, using a NON-admin account for everyday things, use Bitlocker on the system drive. Just the above will make your system 95% impenetrable and almost 100% safe from all script kiddies and wanna-be hackers. Think about it, you can't boot a win PE or linux (kali) hack tools, to extract/reset passwords, you cant change BIOS options to enable boot, you don't have admin access, and your files are encrypted in case someone removes the disk from the PC or tries to reset bios.
With Windows Vista there came Windows Error Reporting. Oh how users were proud to submit all the errors. "The error reporting feature enables users to notify Microsoft of application faults, kernel faults, unresponsive applications, and other application specific problems." But did actually anything get fixed that way?
Yes, it did. How do you think bugs are found and fixed without knowing where the problem is? The fact that they don't advertise it has simply to do with.., pride or fame. But if you check any changelog of most software, you will find it there. "After reports, we identify this and that problem and fixed it".
Many years later I read in an article (was it by Snowden?) that the WER was actually invented to find new exploits in software, especially programming errors
I am sorry to say but either you read it wrong, or whoever wrote the article you read, wrote it wrong. Let me show you how simple it is. WER has 6 levels of reporting, 0 to 5. Level 0 was the NON-critical and not important errors, Level 5 was the High risk - Very important System errors. Levels 1 through 5 were ALWAYS encrypted. Level 0 was not. The reason is that Level 0 reports could be used by local/network admins to detect and correct issues internally within a company. If they were encrypted, MS would have to give access to all levels for obvious reasons. So yes, if one could read said error reports, they could see or guestimate what was going on in the PC... but here is the real issue. If a person has access to your PC and can access the error report folder... what stops him from gaining much more detailed information with other, much better ways? A person with admin access to a PC can see EVERYTHING, and windows report logs would be at the very bottom of the list of things to check.
We need to distinguish the theoretical vs practical implications and limits of getting access to data from a PC.
If a knowledgeable person can have physical access to a nonsecured PC... that PC is screwed and so is its owner... period. It doesn't matter what it runs, if I can have physical access and boot what I want... the PC will get cracked and info will be stolen, with very few exceptions.
Just food for thought.
