We already know that Microsoft hides patches or flaws that are being addressed because it admitted this after we had shown more circumstantial evidence [1, 2]. It is clear that more journalists should call out Windows for its unique security problems (the Windows manager said that their "products just aren't engineered for security") and also approach Microsoft's claims a lot more sceptically. We have gotten evidence to show that what Microsoft claims about security is not the truth, it's just for PR reasons. This month Microsoft acknowledges at least several critical flaws (there may be plenty, but the code is kept secret, so nobody can really verify):
Microsoft plans to release a dozen bulletins on Tuesday – three of which address critical flaws.