An NT/2k admin has to visit Microsoft Security Site every day to keep up to date. There is nothing inherently less secure as far as an OS goes. It's all a matter of network, server and data security as a combined effort. I guarantee if you were to put a Linux box behind a router with no ACL and no firewall in front of it, it would be hacked just as quickly as any Win2k server you could put out there. It's a comprehensive effort on several fronts that all lead to higher security, no one OS or platform will provide that, otherwise every business would run Linux and NEVER have to worry about getting hacked.