One of the single biggest reasons many users migrate from Windows to Linux is increased security. So, what is it about Linux that makes it more secure? The answer is simple: design. Modern Windows (XP) is the marriage of two development trees of the Windows Operating System: the 9x and NT trees. Windows NT was the professional version that grew from the VMS operating system; The 9x tree, includes Windows 3.1, 95, 98 and ME. It is these versions of Windows that became popular with users, but it is the also the ties to the 9x tree that is the security problem.
The Windows 9x tree is single user and went much futher than that in terms of lack of security. Since they were single user, the user was by definition 'administrator' and had full access to all system resources. Exploited vulnerabities therefore could not be contained to a non-priviledged userspace. Usernames were only used for network identification, not really as a true authentication mechanism. In addition, these systems were based on file systems (FAT16 and FAT32) that did not have file permissions.
Even in the NT tree, the situation is not much better. You can define priveledged and non-priveledged users in NT based systems, but there many flaws in the design. A lot of software, including some written by MS itself, will not run properly unless run by a priveledged user. In addition, there is no easy way to gain priveledge for certain tasks. These two facts conspire to push users to run as privileged users thus negating the supposed 'security' in using limited user accounts. Beyond user privilege, while the NTFS file system does provide file permissions, the default settings are wide open and one must manually restrict access where desired. Further, NT based systems have the ``Everyone'' user which must be handled very carefully to secure a Windows system.
As stated, Windows XP, formally Windows NT 5.1 but with 'features' to appeal to home users used to the 9x products, is a marriage of these two Windows trees. Windows XP Home has only rudimentary file permissions, the limited user accounts are too restrictive (many applications do not work properly) and cannot join a network domain. Windows XP Professional is a typical NT tree product.
Linux, a derivative of the Unix OS, was multi-user from its inception. The concept of privilege was built into the design from the start and rests on the maturity (two decades of real world testing) of Unix. Except for system tools, most applications in Linux do run properly when run as an 'ordinary' user; to gain privilege, one can ``su'' and provide the administrative (root) password. File systems provide per-file permissions for 'user,' 'group' and 'other.' It is easy to configure Linux so that default file permissions are quite restrictive, forcing the administrator to willfully 'open' the security where needed.
Other security design differences exist between Windows and Linux, and only a few are given here as examples. A default Windows installation tends to omit key components that enhance security and others that destroy security are installed and activated by default. Many Linux distributions can be installed with different default security models and locking a Linux system is typically much easier. Another example is the included firewall capability; Linux has included packet filtering since the 2.0 kernel version. This firewalling capability has led many sites to use Linux computers as stand-alone firewalls to secure important networks (often, with a Linux system providing security for a network of Windows client computers). Windows XP, released about five years later, did include a firewall; however, in the initial firewall included with Windows did not work very well, though the upgrade to Service Pack 2 reportedly improves the firewall. Finally, the modularity of the Linux system (see Section 7) improves overall system security.