This year MySql and Oracle had 60 and 70 vulnerabilities reported against them, respectively, in the National Vulnerability Database. Microsoft, with their whimsical, uncaring approach to security, had four.
Re-read that. The behemoth Borg from Redmond had a fraction of the vulnerabilities of MySql and Oracle.
Microsoft’s far from perfect, and they’ve taken some well-earned bashing for their past attention to security — but you’re going to have to work long and hard and have a lot of non-tinfoil hat evidence to convince me that they’re not deadly serious about security these days.