Microsoft has never been known for either being innovative or being responsive to customer problems. In fact, with every new release of operating systems or office suites, major parts are rewritten, leading to a high probability of a whole range of new bugs. Buffer overflows are quite common problems and could be avoided (because you know exactly where they are likely to happen) by the software developers... The same holds for many security issues (e.g., default settings of Outlook, Internet Exploder and others). However, the past clearly indicated that no major attempt has been made to make Outlook more secure (pardon me, secure... "more" implies there is already security :-)), make the usage of IE as an Internet browser less problematic, and keep spyware out of the operating system (in fact, Microsoft itself includes such).
Therefore, while with most software I would recommend going the "standard" way as mentioned at the beginning of my posting, I do recommend going public with security flaws and bugs in Windows-related products because otherwise Microsoft won't respond in a reasonable fashion. I would claim that many bugs are known but do not get fixed until somebody complains. People just live with the deficiencies because it is easier than to keep sending messages to Microsoft support and get no replies.
Cheers, --gandalf.
"In a world without walls and fences, who needs windows and gates?"
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html