Microsoft PKI was because they were not doing world class security practice. For some reason, consumer environment could sign corporate environment logins. Also, they acquired some company and instead of issuing them new hardware to ensure it wasn't compromised, they just let them onto their network.

When you read the report, it was very clear that Microsoft wasn't doing "World Class Security Practice", they were taking shortcuts like everyone else does.

Yup. They fucked up pretty bad. How many places do you think are worse than them?