No, it's the upgrades which are usually purchased. But the upgrade is the same thing, just requires proof of an existing OS (whether installed or by having a CD).
That poor choice has nothing to do with the design of Windows.
Microsoft designed it to be insecure out of the box to make it possible for the average user to do anything he would normally want to, just as the OEMs do. I'd say it does.
Apple produces OSX. It is the OEM. Consequently, I'm not surprised that Apple preconfigures its machines with appropriate accounts. But blaming Microsoft for Dell or Gateway's failure is just BS
The basic architecture of a *nix system for years has had this better structure of user accounts. Microsoft has had their current poor structure since NT.
For Apple, "out of the box" means Apple has preconfigured the machine to its specifications and delivered it to the user.
They configure it to a pretty much standard *nix configuration for security. Dell and Gateway also configure their computers to a standard Windows configuration, as does Microsoft itself when they sell the product. Face it, Windows standards are deficient.
Given Microsoft's recent stress on security, you'd think this would be one good way to help, but hey haven't. Maybe they could up the privileges of Power User a bit and make that the standard user account. But they didn't. I am getting the feeling that, despite all the fine tuning possible with Windows user accounts, privileges are designed in such a way as to preclude being able to do the *nix equivalent of admin and root.