Secure is possible.
Unlike other commentards here I think it is perfectly possible to write secure code. So I could agree with you in principle. However, if you are suggesting that MS is the only one that has insecure code, then you are simply mistaken.
Anyway, secure code is simply not written for consumers because the difficulty of making secure systems is exponentially linked to the complexity of the system. Then you have the features that users demands (or the developers try to push) that are inherently insecure. For instance, most applications on my computer that can access Internet, and thus be accessed by it, has no bloody need to do so, or the fact that e-mails allow more than plain text. So in a system that is meant to be used by idiots, is vastly complex and includes inherently insecure features you will have security holes. You can remove a lot of these holes before you release the code, but the cost to discover each hole is inverse proportional to the amount of holes left. So basically you can double to development time and cost and remove half of the bugs left.
But if you are willing to strip away a lot of features, reduce program cross-overs (one program for each task), spend ten times for the license and be happy with ten year old hardware, sure you can have something that is almost, but not entirely secure.