
Yes, there are. The main problem, and by far the biggest flaw, is that during setup, Windows assigns you to the root account by default. This is a gigantic security hole that has not been fixed in over 17 years. The primary reason that GNU/Linux, BSD, and UNIX systems are secure is that they do not assign the default user root. It's very dangerous. Ask anyone who has fallen for the "sudo rm -rf /" trick how they felt about the power of root access.

What makes matters worse is that there really is no equivalent of sudo in Windows, and the CLI utilities are very limited in nature. If one wants to install new software, there's no prompt to authenticate with your password -- if you are an admin, the system only presents you with a yes/no dialog box. The only way to secure a Windows environment and make it somewhat like a *nix system is by setting the hidden Administrator account password, and using a standard user account for daily tasks. If you need to install new software, you can authenticate with the admin password.

It's not a perfect solution, but unless Microsoft realizes how easy it is for malware to propagate in NT, this is the only option.
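
An added example, not part of the original comment: a PowerShell audit of the setup recommended above (built-in Administrator with a password set, daily work from a standard account). It assumes Windows PowerShell 5.1 or later with the LocalAccounts cmdlets; the variable names and finding messages are illustrative.

```powershell
# Added example: audit the local machine against the "standard user for daily
# work, password on the built-in Administrator" setup described in the comment.
# Assumes the Microsoft.PowerShell.LocalAccounts module (Windows PowerShell 5.1+).

$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = [Security.Principal.WindowsPrincipal]::new($identity)

# True only when this process is running with an administrator token.
$elevated = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)

# Direct members of BUILTIN\Administrators (well-known SID S-1-5-32-544).
# Membership through nested domain groups is not resolved here.
$admins        = @(Get-LocalGroupMember -SID 'S-1-5-32-544')
$isAdminMember = $admins.SID.Value -contains $identity.User.Value

# The built-in Administrator is the local account whose SID ends in -500,
# whatever it has been renamed to.
$builtin = Get-LocalUser | Where-Object { $_.SID.Value -like 'S-1-5-21-*-500' }

$findings = @()
if ($isAdminMember) {
    $findings += "Daily account '$($identity.Name)' is a member of Administrators."
}
if ($elevated) {
    $findings += 'This session is running with an administrator token.'
}
if ($builtin -and -not $builtin.PasswordLastSet) {
    $findings += "Built-in account '$($builtin.Name)' has never had a password set."
}
if ($admins.Count -gt 2) {
    $findings += "Administrators has $($admins.Count) direct members; review the list."
}

[pscustomobject]@{
    User                 = $identity.Name
    MemberOfAdmins       = $isAdminMember
    SessionElevated      = $elevated
    BuiltinAdminName     = $builtin.Name
    BuiltinAdminEnabled  = $builtin.Enabled
    BuiltinAdminPwdSet   = $builtin.PasswordLastSet
    AdminGroupMembers    = $admins.Name -join ', '
} | Format-List

if ($findings) { $findings | ForEach-Object { Write-Warning $_ } }
else           { Write-Output 'No findings: daily account is a standard user.' }
```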




Couldn't this be chalked up to usability for 99% of users that use Windows?

-----



