I'm still confused. Why are they run in a virtualized environment then? Can a Windows Store win32 app change system display gamma settings? Monitor all network traffic?
From what I've seen, most of the virtualization that remains is filesystem/registry virtualization, primarily with the goal to insure clean install/uninstall. Security is handled in most of the usual Win32 manners (user token privileges, UAC, et al).
From your examples, I believe gamma settings would be accessible, but every tool I've seen that reliably monitors all network traffic uses a kernel-level driver and I don't think you can install kernel-level drivers from the Store right now.
From your examples, I believe gamma settings would be accessible, but every tool I've seen that reliably monitors all network traffic uses a kernel-level driver and I don't think you can install kernel-level drivers from the Store right now.