Re: I suppose
@RICHTO. I'm not sure that what you post really makes much difference (I haven't checked your figures). There certainly are vulnerabilities for both Linux distributions and Windows Server. A competent cracker will be running through all the latest ones if they're targetting your servers. Whilst number of vulnerabilities is obviously relevant, the far more significant factor is actually how quickly they are updated and how rigorous the sysadmins are in both applying those updates and in configuring things right in the first place.
I use Linux servers for the time being (I have one Windows Server I was asked to set up for a colleague) but I would take a Linux server managed by someone who knew what they were doing and wasn't overworked, over a Windows server managed by a different person, and vice versa any day of the week.
Show me stats not on numbers of vulnerabilities, but on how quickly they are made available to the users, and you might start to convince me. But other than that, Sysadmin competency is the first weakness, ime.
(Caveat: I am a programmer and a project manager, not a sysadmin. But I've known enough).