On newer version of Windows there is a setting that doesn't allow remote capabilities for accounts with blank passwords. You still have to deal with physical security, but it is more secure than using a well know or short password.
It's interesting that Mac's used to be considered more secure than Windows until recently (and as they became more main stream and more people were looking at them). I don't necessarily think this is the case with Linux, but a systems security level is very dependent on the total composition of the software installed so if there is a smaller less well maintained package installed then the Linux system may be easily exploited. You can see this fairly easily with Drupal and other Linux based CMS systems. Basically I am simply saying that Linux is not a silver bullet like some people say, but all systems need maintenance and monitoring to be secure. Someone who is a good Windows admin may not be able to install a Linux machine and secure it very well.
Keep Up with TechRepublic