Before just touting stuff, at least provide your sources.
Windows is not compliant itself. It is the combination of the software used and OS.
Compliance is very expensive, and it is much more expensive on Windows than Linux.
Sorry, but quickly googling this time didn't cut >)
Still don't see your sources, maybe I missed them. You've probably never actually gotten PCI compliance for an entire organization.
Oh, and Windows IS compliant itself, running nothing but anti-virus, desktop firewall enabled, having automatic screen lockouts, currently patched, and rotating passwords in a timely (< 90 day) fashion. Just because the example I cited is one talking about an application, doesn't invalidate that Windows XP can be compliant, something you stated it could not be.
Or trying to get PCI DSS compliance for XP.
As stated above, piece of cake.