The problem with Microsoft is that they have a strict testing schedule for all software, including fixes for exploits. They just try to keep it quiet as long as possible and hope it doesn't spread too quickly once it's announced on the CERT list.
A lot of people will swear by Linux for security, but unless you know your way around the distro you use you're no better off than you would be using windows. Sometimes worse, because there is that false sense of security. Best configuration is to set your firewall to paranoid to start with and then unlock ports as you need them