Windows XP (released 2001) was not secure(able) until SP2 and the introduction of the firewall. After that it remained insecure mainly due to lack of user education / UAC enforcement. And even today Windows has a huge attack surface due to legacy code compatibility. MS's job is an unenviable one.
Windows XP was securable without a firewall. A port filter does little if no ports are open and as used by most users (deny all for port, allow all for port) is no better than just stopping the listening process.
Now, it did require a few hardening steps, the same found on any default install of a Unix system or any multi-user operating system really:
- shutting down unneeded system services
- locking down the account and changing the administrator password.
- creating unprivileged users and forcing users to use those to perform their daily tasks.
- enforcing proper permission schemes across the filesystem (making most filesystems read-only to unprivileged users).
OS X, coming from the Unix side of things, had UAC built-in and Apple's relatively rapid obsolescence (of OSes) means that vulnerabilities are much harder to exploit.
There is no such thing as UAC in Unix (the SUS). UAC is not sudo (that would be runas, available since... well... Windows NT really and the true multi-user version of Windows).
It's quite a big misunderstanding of what UAC actually is to think it's just some vulgar sudo implementation. It actually has to do with Windows XP and onwards use of RDP to render the local desktop and very little to do with privileged execution (which is what runas is for on a Windows system).
As for other "security profile" applications like sudo, RBAC, AppArmor, etc., well, they aren't part of Unix either. They're used in the Unix world (HP-UX and Solaris using RBAC, the BSDs using sudo, etc.) but they are not part of Unix as far as the SUS goes iirc. Your system can be branded Unix '03 compatible without implementing these kinds of privilege escalation mechanisms.
----------
Yes, but by PC they mean Windows-PC. Either that, or they think all Mac users are part of the Post-PC era.
Actually they mean IBM Compatible PC, which is where the term designating an x86 computer with a BIOS running Microsoft software originates from. This morphed into the Wintel machines in the 90s, but the PC acronym stuck to them. To this day, PC means Wintel, a throwback to the roots of the IBM PC 5150 model and the subsequent clone market launched by Compaq's reverse engineering of the BIOS.