A often repeated fallacy is that Windows is more prone to security vulnerabilities because it has the largest installed base among desktops and servers, both at home and in the corporate world. The fallacy says that if Linux and Apple had a similarly large installed base, they would also be found to be vulnerable.

This claim seems to be widespread even among those who are technically savvy. The facts do contradict this claim. For example, Apache is the most widely used web server on the internet, with more web sites running it than all others combined. Apache is not found to be prone to attacks and security issues as much as Microsoft IIS for example.

Here is a nice security report that details this point, and many other points, comparing Linux and Windows by Nicholas Petreley.

If you want just a brief summary, then read this Myth/Fact article at The Register.