these can include:
- Vulnerabilities within the OS itself
- defaults
- configurations
- misconfiguration vulnerabilities
important the Comptia Security+ exam is vague about operating system vulnerabilities, focus on how the choice of operating system, it’s defaults, configuration, and support model all impact security