the underlying model is far more advanced than what traditional Unix has to offer.
No. That's exactly what part of makes Windows so insecure.
The security model is so "advanced", convoluted, and complicated, that the implementation cannot possibly be correct in any realistic universe.
There are so many errors and holes in Windows' implementation of security, AND holes in administrator practices, that you are pretty much guaranteed things will be insecure.
Yeah, you can do fancy things like run different services as unprivileged users. What does the average admin wind up doing, when installing software?
Accepting insecure defaults... run the application as administrator... run the service as LOCAL SYSTEM, etc.
Let us not forget all the registry key troubles and DLL hell, man, malware messes up your registry like a Dog on crack
If vim and emacs merged into one application, would the resulting application donate Richard Stallman to Uganda?
No, more likely North Korea
"Most people would like to be delivered from temptation but would like it to keep in touch." -- Robert Orben