I'll comment on this, since security is always an issue with everyone.
As Jafo pointed out, it's one thing to question. It's another to dismiss it. I'm those who will question the result as Microsoft is trying every which way to sway people from Open Source solutions like *BSD and Linux. If it means that they have to get a company who'll favor them, then that's what they'll do. They're only wanting to advertise themselves as being more secure than their "competitors." So I find that this study and result to be "normal."
But since Microsoft has had some issues with security due to the numerous security holes and exploits that plague Windows server systems, I will question the result since it favors Microsoft. My opinion says Linux is more secure than Windows but any Linux user (real user who know how it works, the benefits and risks it provides) would argue that Linux can be made to be just as insecure as Windows. And that's the truth too, since the Linux platform isn't something one should consider "easy to use" by those who are accustomed to the GUI of NT-based systems. I've used Linux as my firewall, gateway, and a server since it can run on my P200 system. And it sure beats having to worry about security in a "security-ridden internet." But I also took precautions too, which is the very foundation to securing any server. Ports were blocked. Ports were logged. Packets were dropped when they are malformed. And packets were let through when they're proper.
The main thing to securing any server regardless of any platform, be it BSD, Linux, or Windows, is preparation. If you have a good plan and strategy for securing your network and server, it'll be hard for the attacker to take the machine down. Blocking ports to various services helps a lot and having a good firewall system in place makes it that much better. From a faraway viewpoint, I think Windows can also be just as secure as Linux. However, it's not going to be perfect, just like Linux. Keeping the system up to date and closing off unnecessary service ports is vital to keeping a system secure. And as such, it's possible that Windows could be more secure.
Yes, sounds very contradicting, doesn't it? Main point here is that, it's not surprising that Windows can be more secure. But *BSD and Linux, along with OSX Server, can be made the same -- secured, safe, and tough. I've had my Linux router provide firewall security to my network for the longest time (several years). And I've learned some time ago that I had a slightly bad configuration and yet my system was never compromised because of it. Then again, I do not run a heavy traffic site. But I do notice many times that people tried to log into my ssh server repeatedly and many worm attacks on the Apache logs.
I firmly believe Linux and other UNIX flavors are better at providing security than Windows. But that's just my opinion. Windows seemingly have too many security problems that makes me fear of using it as a firewall or even a gateway for my network. The added fact that it probably performs poorly on a lowly P200 also deters me from using Windows to do that also. Maybe it's propaganda. But who's to say that Microsoft can't promote their own products to gain as much advantage as possible? Meanwhile, crackers everywhere are busy finding whatever holes they can uncover... Let them tell us what's more secure...
