They do and for good reason.
We must not forget that the vast majority Windows users aren't very technical and as a result MS caters to them more then us techies/security geeks. We'd like to think we are more important, but we are not.
MS doesn't want to deal with support requests/compliants from those who make changes without realizing what those changes do. All 3rd parties have defaults which provide a good balance between security and performance. Even they recommend against changing them if you don't know what you are doing.
The biggest difference really, is the ease of access to those settings. We must also remember that MS has geared these settings to be used primary in business/enterprises, not by home users. In saying that, atleast they still let us geeks change them if we want to, even if it is a little more work.