
Linux OTOH can be set up so that, for example, the MySQL database could only be accessed via 127.0.0.1 if it was only for the local webserver, or opened up only to the hosts that need to access the database server.
Windows can be set up the same way, it just typically isn't. Many Linux distros (particularly the ones intended for desktop users) have a policy of 'no open ports', and a lot of software like MySQL is similarly preconfigured to only listen to localhost. In my experience with Windows, all sorts of completely unnecessary things end up listening on all interfaces, simply because on the chance that you happen to need those services, they'll already be installed and accessible. Hello Slammer! That's great from an 'everything just works' perspective, perhaps... but it's terrible from a security perspective.
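Two defender-side checks for the situation the thread describes, added here as an example and not posted by either participant: an audit of `ss -Hltn` output that reports TCP listeners bound to every interface rather than loopback, and a check of a MySQL option file for the `bind-address` setting (the weak all-interfaces value beside the loopback-only one). The `ss` output and the option-file fragments are constructed samples; the function names are mine.

```shell
#!/bin/sh
# Added example, not from the thread above. All sample input is constructed.

# Constructed `ss -Hltn` output (columns: State Recv-Q Send-Q Local Peer):
# sshd on all IPv4 interfaces, mysqld on loopback, a service on all IPv6
# interfaces, and a loopback-only IPv6 listener.
SAMPLE_SS='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 70 127.0.0.1:3306 0.0.0.0:*
LISTEN 0 128 *:8080 *:*
LISTEN 0 128 [::1]:631 [::]:*'

# Reads ss lines on stdin and prints "address:port" for each listener that is
# reachable from other hosts, i.e. anything not bound to 127.0.0.0/8 or ::1.
# The port is split off at the last colon so bracketed IPv6 addresses survive.
wide_open_listeners() {
    awk '$1 == "LISTEN" {
        la = $4
        n = match(la, /:[0-9]+$/)
        if (n == 0) next
        addr = substr(la, 1, n - 1)
        if (addr ~ /^127\./ || addr == "[::1]") next
        print la
    }'
}

# Constructed MySQL option-file fragments: the wide-open setting and the
# loopback-only setting the thread recommends for a database that only the
# local web server needs.
MYCNF_OPEN='[mysqld]
datadir=/var/lib/mysql
bind-address=0.0.0.0'

MYCNF_LOCAL='[mysqld]
datadir=/var/lib/mysql
bind-address=127.0.0.1'

# Reads an option file on stdin and prints "local" if bind-address restricts
# mysqld to loopback, "open" otherwise. An absent setting counts as open,
# because the server default (*) listens on all interfaces.
mysql_bind_scope() {
    awk -F= '
        /^[ \t]*bind[-_]address[ \t]*=/ {
            gsub(/[ \t]/, "", $2); found = $2
        }
        END {
            if (found == "127.0.0.1" || found == "::1" || found == "localhost")
                print "local"
            else
                print "open"
        }'
}

# Demo run on the constructed samples.
echo "Listeners reachable from other hosts:"
printf '%s\n' "$SAMPLE_SS" | wide_open_listeners
echo "bind-address scope (open config):  $(printf '%s\n' "$MYCNF_OPEN" | mysql_bind_scope)"
echo "bind-address scope (local config): $(printf '%s\n' "$MYCNF_LOCAL" | mysql_bind_scope)"
```

On a real host, pipe `ss -Hltn` straight into `wide_open_listeners` and the server's option file (typically `my.cnf` or a file under its `!includedir`) into `mysql_bind_scope`; an empty listener report plus `local` is the state the first post describes. Note that a loopback-only MySQL still needs a host firewall rule only if something else on the box forwards for it; the point of binding to 127.0.0.1 is that there is nothing for a remote Slammer-style worm to reach in the first place.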