Your right. Microsoft is a good example, A lot of Windows features leaves you open or hogs (oink oink) resources. All the best fixes i've come across websites where the "techies" share their solutions with average people like me and you and in simple english. I take those ideas/suggestions and apply them to my PC.
For the stuff Windows leaves turned on, a helpful solution is Gibson Research. You can turn off Windows Messenger, lock your raw sockets, turn off DCOM, and turn off Universal Plug 'n Play.
All this can be done without tools by changing the default settings if you know where to look, but these little programs allow you to monitor all these security risks and turn them off painlessly.
I just got a new computer with WinXP SP-2 pre-installed, and some of these security risks are STILL left on by default. They should all be turned off unless you are in a workplace where they are needed. If you do need any of these functions at any time, you can use these little tools to turn them back on (temporarily).
http://www.grc.com/freepopular.htm