Most services in Windows run under two privileged user accounts (LocalService or NetworkService). Many of them are enabled by default and listen on ports on the external interface, so the potential attack surface is large.
Microsoft uses programming languages like C++ that are very complicated, and a little mistake can lead to vulnerabilities like stack overflow, use-after-free, etc.
Microsoft (and most companies) prefers to patch vulnerabilities with updates rather than take measures that would reduce attack surface.
Oh, and by the way, Linux has similar problems. In a typical Linux distribution, a program run with user privileges is able to encrypt all of the user's files, access the user's cookies and saved passwords on all websites, listen to the microphone and intercept keystrokes.
MS had a research project to rewrite the NT kernel in a C# derived language at one point. It worked, but they decided not to go ahead with it.
Yes, but as free software, it inherently has better solutions.
Using a proprietary operating system is like driving a car only the manufacturer is allowed to fix. You don't get to fix the flat tire, and when the manufacturer drops support, you have to buy a new car. If you don't, these situations leave you stranded.
Are you saying all of the major operating systems have poor security because they use "vulnerable" languages?
My definition of "poor" is that it must have a babysitter to maintain and patch it. Whether or not this is the case depends on the attack surface, which of course depends on the complexity of what it does. A system that has no attack surface can be very buggy without having poor security. But an internet-connected machine with a modern Windows/POSIX OS that does some useful work will likely need a security patch already within the first couple of years - and that I consider pretty poor.
You know, not too long ago, Linux used to run NFS on ring 0 too.
There was a good reason for those things; you can find it in the performance comparisons between CPU and network at the time.