Linux vs. Windows: Which Is More Secure?

Article by Lee Clemmer, published May 13, 2009

The debate over superior OS security rages on with each release of Windows, each new distribution of Linux, and each major security flaw found in either one. In the past it has been "proven" that one or the other was more secure, but development and patches constantly change the conclusions.

Linux Versus Windows

Proponents of various operating systems sometimes look at their preferred OS platform through rose-colored glasses. Or they may look at a particular principle or concept and draw a sweeping conclusion about one or the other. Unfortunately, real-world deployments and security issues are not so simply resolved. Linux advocates have long asserted that their platform is fundamentally more secure. I've used both Linux and Windows extensively, and have found that both can be made very secure if we know what we're doing. But which one is more secure?

Is This a Fair Question?

Does such a general question really mean anything?

Linux could potentially be made much more secure if we stripped out all extraneous features, hardened a custom kernel, and so forth. But if we did that, we would no longer be comparing a comparably featured OS. Of course we could make a custom kernel more secure! But doesn't it make more sense to look at a side-by-side offering of the same, or comparable, features? Some Linux advocates might point out that one of the major weaknesses of the Windows platform is the inability to remove features and sets of features. They can be disabled, but often there are dependencies that make it all but impossible to completely disable or remove an unneeded feature. In most cases, those features are part of the reason that the Windows platform is even chosen or preferred.

So, when comparing security between "Linux" and Windows, I assert that the comparison should include, on the Linux platform, an SMB file sharing system (Samba), a web server (such as Apache), a directory server (perhaps OpenLDAP), and so forth. I often find that the strident insistence that Linux's security is superior begins to evaporate at the point that we include all such services and begin looking through bug tracking databases for security problems with these various applications.

The Verdict

Sorry, it's not that easy. I can't simply decide that one or the other is more secure and hand down that verdict--especially not in the scope of a single article. Before you grab your pitchforks, tar, and feathers, consider this: the competition between Linux and Windows is making both more secure all the time. Both are far more secure, or can be configured to be more secure, than was possible just a few years ago. Keeping this question alive and comparing both platforms (and their component parts) with each release helps everyone. In your efforts to secure your systems, even if you find several security problems, don't throw up your hands and switch platforms. Your time and effort invested are worth something. If you know one platform better than the other, that's worth quite a bit in keeping things secure as time goes on.

 