Having read through all the comments, I will add my 2 cents: Linux, on the desktop, in general, is more secure than Windows for one very simple reason: default configuration.
Consider, if you do a clean install of any Windows OS, XP, Vista, Win 7/8/8.1/10, you install the OS and it defaults to a root account, with full control and ability to change any setting, registry key or install/remove/run any software as you see fit.
With Linux distros it's quite different, Fedora won't continue the installation unless you create a root account (with password) and a separate user account (with password) and it strongly encourages the creation of strong passwords. Drives/partitions are not automatically mounted upon bootup, SELinux required that you entire a password to mount and access partitions and all admin processes, such as installing/removing software require a password.
Ubuntu disables the root account entirely, with no easy way of activating it, you create a suer account with a password, you do have the option of making the account an "admin" account and logging in automatically sans a password but even if you choose those options, partitions/drives are not automatically mounted (though you can mount them sans a password) but you still need a password for many things.
If Linux has one weakness that can potentially be a big security hole it's use of repositories for the installation of software; for example installing software from the official Fedora free and non-free repo but what about software that may not be available from the official repos, where you manually add a repo? Same thing with ppa's, the potential for abuse is significant. In all fairness though, the movement to distribute software via AppImage's, FlatPak's, Snap's and the like, should greatly mitigate, if not eliminate this avenue of attack, thanks to apps basically being sandboxed.
Windows security on the desktop is an illusion, I have been using both Windows since the Win 95 days (I remember having to create a boot disk to partition and format the disk, then copying installation files onto the disk to run setup) and Linux since RedHat 5.2 and a short while later running RedHat with the Ximian Gnome desktop. There was a time I was firmly in the Windows camp in the Win-Linux debates, arguing that Windows was the superior OS, you could lock down Win 2k and later pretty tight, or so I thought.
A few years ago I was running a Win 7 install with all the updates and service packs, Windows firewall set to max settings, both Win Defender and Microsoft Security Essentials updated with the latest definitions and the most aggressive settings, UAC set to max settings and I would not log in with the Admin account, instead using a standard user account. I used Firefox with adblock for browsing, I had the Windows Scripting Host disabled (I had Win XP installations that were infected with VB viruses that caused quite a few problems) and one would think that this would be a fairly safe configuration and would be immune to most attacks.
Was I in for a surprise. I've had virus infections with 2k/XP/XP64/Vista/7 but I had never had my computer hijacked, until one day I had left my PC running and went to lay down and take a nap (I was going to get back to work in a bit) when all of a sudden I hear the cpu fan running at full blast and my harddrives grinding (I had not yet switched to SSD's) away. I went to investigate and task manager reported my network activity as using all my available bandwidth. I shut down the PC, rebooted, everything was fine and within a few minutes same thing happened. Virus scans would show nothing, i started sniffing packets using WireShark and found that my PC was sending out massive amounts of data to 1 IP and receiving small amounts of data from another PC. I concluded that my PC was part of a botnet, a so-called "zombie" PC and was probably being used to ddos some target.
I immediately disabled the network, got what I thought was a clean Win 7 copy from Digital River and did a complete format and clean install and again configured everything the same way. Everything was ok for about a month and then deja vu, I left the PC running idle while I went to grab a drink, came back to hear the hard drive grinding away and the cpu fan at full blast. I'm thinking to myself "not again" but this time is was that crypto-ransomware, my screen was locked with that picture that says your files are encrypted and if you want them unlocked you have to pay (I forget how much they wanted, I think it was like $300-$400 in bitcoin) and if I didn't pay in like a day or two the files would be lock forever and they also gave you the option to unencrypt one file for free as proof that they could do it but in the meantime you could hear the disk grinding away and the cpu fan at full blast as the files where being encrypted. I just shutdown and inspection revealed that less than a dozen files had been encrypted.
This made me switch the Win 8.1, where I ran into a rather nasty virus that would let you log in, you could move the mouse, but the moment you tried to click on the start menu or taskbar the pointer would get locked to the upper left hand side of the screen and neither the keyboard or mouse would work. I was never able to clean that virus, only a clean install would take care of it and after getting one of those silly pieces of malware that has a web page that goes full screen and says that your PC is locked by the FBI or some other entity for some supposed illegal activity and if you don't call some number to pay them the cops will come and arrest you, I just had it with Windows and switched to Linux full time at home.
Funny enough, a while back I was testing out Linux Mint 17.1 on a spare laptop I have, just to see what's it's like and while browsing and following those stupid links for "top 25 pics of something or other", I Firefox on Mint was actually attacked with one of those silly web pages that mimics a BSOD that said "your Windows PC has experienced an internal error, to prevent further damage call tech support at xxx and our techs will help you fix the problem", I just laughed and shut down the page and one other time I landed on another site that tried to get the web page to go full screen and claim that my files where now encrypted and if I wanted them unencrypted I would need to contact them for the pass key, best part is it said "your Windows files" and "Windows PC".
I won't go back to Windows anytime soon, the only thing I miss just a bit is some Windows games, but I would rather buy a console and game on that then deal with all the malware and crap that targets Windows computers.