Sure, I too believe that no particular OS is completely secure.
But windows is designed to be insecure and a big commercial ecosystem runs with this design.
^^ No, windows is not designed to be insecure. Its just that because of its market share there are thousands of hackers and malware writers trying to find new attack vectors and writing malware to utilize them.
To start with, I give a question to think about:
"What special codes do so-called 'anti-virus' makers write that microsoft can't write?"
There are several types of malware. Viruses are one of them. There are several types of viruses as well. Anti Virus scanners usually rely on virus signatures which are recognizable patterns found in virus code to identify them. They also rely on other techniques like Heuristics to identify many potentially harmful software. Newer versions of windows already has some of the features of a standard antivirus integrated into the OS. Its the signature and other similar techniques that require data collection and large scale analysis that we rely on separate anti virus for.
Make no mistake, when you have as many writers of malware for other OS, it would be same situation for them as well.
And microsoft is under obligation to provide a secure OS to its 'consumers'.
In fact, microsoft is well known for releasesing security-patches with delays or sometimes long delays.
In contrast, I had once seen security patch released within 24 hours of reporting vulnerability for some obscure OS.
Microsoft will never never act so swiftly.
Misconception for the most part. Microsoft is fairly responsive about critical issues, however due to the popularity of the OS, they have far more attackers and issues to deal with and they still do a fair job. Apple for instance which in next in line for desktop market is far unresponsive with both security as well as normal bug issues. They are so lazy that they don't release patches even when its just a matter of integrating a fix that Google has done.
FYI, the first Ransomware to use Public key cryptography was developed for and demonstrated on a Mac back in the 90's.
During the course of my work experience, I have reported bugs to both Microsoft and Apple and have experienced their attitude and response times first hand and let me tell you that Apple is quite lacking. They actually seem to think that they can afford issues to stagnate because not many are out there trying to exploit them and that actually makes sense.
Linux does not have much desktop market share. But Android is for all purposes a flavor of Linux with Linux kernel and because of its widespread use on mobile and desktop, it has just as many attackers as Windows on desktop and has proven to be just as vulnerable.
In our production systems, we have a mix of Linux, Solaris and Windows based servers (mainly because of acquisitions and merges of multiple companies) and the most successfully attacked parts of our sub systems are the Linux servers. Not once have I seen our Windows based servers being attacked and broken into? Why do do you think that is? No, its not because Windows servers are more secure than the Linux ones, its because the hackers are more interested in the Linux sub systems. Its the same story for malware. When Malware writers become really interested in Mac OS or Linux, there will be no stopping them. Every day new attack vectors would be found and quickly exploited.
