Well, they are doing some stuff. Like taking GDI for display and printers out of kernel mode. Looks like all the traditional GDI stuff will be done entirely in usermode, with the result sent as a texture through Direct3D. This should significantly reduce the complexity of graphics drivers and increase overall stability.

But other stuff seems to be being added to kernel mode, like the HTTP handler to speed up Indigo. I'm a bit concerned that the real-time stuff for "glitch-free" video is going to unnecessarily increase the kernel complexity.

The NGSCB stuff is supposed to provide a level of memory protection over and above kernel mode, but I don't think it would stop things going wrong since it is not in overall control of the computer.

Theoretically, would it be possible to move to using more protection modes? The original reason for only using rings 0 and 3 was for portability to other processor architectures that only supported 2 modes. Except soon all the other architectures were dropped and only x86 was left. How many protection modes do IA64 and x86-64 support?
I guess it would take too much work to make such a fundamental change.