It's very very limited on configurability. It's not user friendly and you must build all the outbound protection manually.
It sure is not user friendly for most users. Though it's not limited in configurability, since you can configure it the way you want to.
Not with the outbound... If you iron it to the maximum you can even lost your connection (like any other firewall). But you need to configure it manually.
That's what I said... iron clad rule. Means you have to configure it to the maximum extent possible, but still letting your system to breath (allowing connection for those you want to be able to connect). 'lost your connection' = there's something wrong with your rule.
Well, with bad programmed software you must say. You won't expect that Microsoft does not fail and have problems. Other good software does not conflict.
You're right mostly with bad coded software and you're right that Microsoft applications has it's own quirks too. That's why I'm using Avast instead of their antivirus
However, I've seen a lot of people either in forums or my friends having troubles by using antivirus combined with other third party firewall (Privatefirewall, Comodo, OA, AO, PCTools, etc). Either it's just a simple thing like exclusion rules or complicated things like systems file being tampered with, memory problem, etc.
In the end, the so called user friendly transforming into user's nightmare to deal with... User friendly or not, it still need to be configure and there's always chance for it to be wrongly configured.
I won't call configurability just bell & whistles... Also HIPS is not bell & whistles...
What Microsoft should do is iron out the operational system itself...
HIPS is bell & whistles in term of speaking, since it'll popping and asking user question about what to do. It's good if the user have a knowledge to choose the accurate action, but most normal users didn't have that kind of experience or knowledge to choose the appropriate action hence rather than fortifying their protection, it actually singed a hole in their system. Compromising their system protection.