Note: this works for api version 44.0
Turns out there's a trick to doing this with the Metadata API
<types> <members>Support</members> <name>Profile</name> </types> <types> <members>Support</members> <name>Profile</name> </types> <types> <members>Account.Custom_Record_Type</members> ... <members>Task.Custom_Record_Type</members> <name>RecordType</name> </types> <types> <members>Account</members> ... <members>Task</members> <name>CustomObject</name> </types> <types> <members>Account.Custom_Record_Type</members> ... <members>Task.Custom_Record_Type</members> <name>RecordType</name> </types> <types> <members>Account</members> ... <members>Task</members> <name>CustomObject</name> </types> ... <objectPermissions> <allowCreate>true</allowCreate> <allowDelete>false</allowDelete> <allowEdit>false</allowEdit> <allowRead>true</allowRead> <modifyAllRecords>false</modifyAllRecords> <object>Account</object> <viewAllRecords>true</viewAllRecords> </objectPermissions> <recordTypeVisibilities> <default>false</default> <recordType>Account.Custom_Record_Types</recordType> <visible>false</visible> </recordTypeVisibilities> ... <recordTypeVisibilities> <default>false</default> <recordType>Task.Custom_Record_Type</recordType> <visible>false</visible> </recordTypeVisibilities> ... <tabVisibilities> <tab>standard-Account</tab> <visibility>DefaultOn</visibility> </tabVisibilities> ... <userPermissions> <enabled>true</enabled> <name>ViewRoles</name> </userPermissions> </Profile> ... <objectPermissions> <allowCreate>true</allowCreate> <allowDelete>false</allowDelete> <allowEdit>false</allowEdit> <allowRead>true</allowRead> <modifyAllRecords>false</modifyAllRecords> <object>Account</object> <viewAllRecords>true</viewAllRecords> </objectPermissions> <recordTypeVisibilities> <default>false</default> <recordType>Account.Custom_Record_Types</recordType> <visible>false</visible> </recordTypeVisibilities> ... <recordTypeVisibilities> <default>false</default> <recordType>Task.Custom_Record_Type</recordType> <visible>false</visible> </recordTypeVisibilities> ... <tabVisibilities> <tab>standard-Account</tab> <visibility>DefaultOn</visibility> </tabVisibilities> ... <userPermissions> <enabled>true</enabled> <name>ViewRoles</name> </userPermissions> </Profile>