Well, in fairness to the guy, he’s probably not all wrong.
The majority of exploits in Windows XP etc. are due to buffer overflow exploits, and that's something most coders will know about. The way to fix them is by bounds checking (languages like Java do this for you, although nothing is to say you can't crash the virtual machine and load some piece of malicious code, because the VM is in traditional C/C++). Overflows have been around since programming began.
Seems to me most MS programmers (the majority of all programmers) are too lazy to put in the bounds checks in the first place, so they have to keep re-issuing patches which now put them in one by one, as new viruses emerge which find these holes of shoddy coding.