From a purely theoretical viewpoint, Original Windows had virtually zero security, Linux had basic security, Windows NT had good security and selinux has very good security.
Windows was originally designed for single users who (of course!) trusted themselves, and everything was designed to be easy to drive everything else. Unfortunately, a pretty good definition of a virus is "something that drives something else".
Linux gets its security from Unix, and I think that it may have received input from Multics and GECOS. Regardless, Unix spent a lot of its childhood in colleges and college students are obnoxious twerps prone to prank, screw around with stuff that doesn't belong to them, and occasionally outright sabotage. Unix machines were not PCs, they were shared minicomputers, and thus is was essential that the infrastructure would permit multiple users to remain unmolested while at the same time facilitating collaboration using shared resources. So security was always a consideration.
Windows NT was designed for networked use, and the NTFS filesystem has extended attributes that allow very fine-grained assignment of security privileges. Unfortunately, it has to be compatible with legacy Windows, so the realization falls far short of the potential.
Windows XP service packs, Vista and Windows 7 all have been attempting to close the #1 security hole in Windows, which is too many apps expecting to have admin rights for trivial purposes. However, it's my understanding that there are critical security holes in the Windows timer and graphics core services that cannot be plugged or virtually every Windows app ever written will cease to function.
A lot of the more recent exploits invade via Flash or Adobe Reader and that means that they can attack virtually any OS user. The key
word here, however, is
user. Linux only operates with root privileges when there's no alternative (or the app was written by a fool), so a lot of mayhem can be done on the user's account, but relatively little on other accounts or the OS itself. However, if your own account happens to have files containing your SSN, credit card numbers, and so forth. that may be of small consolation.
Selinux bumps up the ante, since you can add extra restrictions on things. I don't think it goes quite as far as IBM's RACF mainframe product, where you can set up rules like "John Smith can only run application XYZ using "A.B.C" as the input file and "D.E.F.G" as an output directory and only when logged in on terminals 21A-21F between the hours of 3 and 4:15PM on Thursdays", but it comes close. The main problem is that doing this kind of stuff in Selinux is the blackest of Black Arts. Few people understand the process and even fewer bother. Especially since (as Richard Stallman likes to point out) a lot of the apps aren't "Linux" apps, they're
GNU apps - or something similar, so they aren't tightly tied to a security system that's specifically for Linux and is often switched off by frustrated users even there.
In any event, the biggest security hole in any system is located between the keyboard and the chair.
Oh yeah. I have been using OpenOffice for years to do advanced technical writing and spreadsheets and don't miss MS Office in the least. I MIGHT if I were doing a lot of VBA Excel macros, but I don't.