Re: Some people are very suggestible.
I imagine the difference that accounts for the equivalence, is exposure.
The first step in exploiting a vulnerability is obtaining access via the required vector.
Joomla web sites are... well... web sites. Usually very accessible, being on the web and all.
The flaw in the Windows authentication system on the other hand (as far as I can tell from the register coverage at least) would seem to require physical access to the machine (the contents of memory being involved).
Could be wrong tho.