Linux isn't perfectly secure, but Microsoft Windows is architected for security failure, as IT Wire points out. Good design decisions in Linux may well account for the glaring difference between security in Linux and insecurity in Windows:
The reality is Windows is naturally insecure for a variety of reasons, not least being Windows' users were always conditioned to login and run programs as the administrator user. Windows Vista has made an attempt, too late, to stifle this behaviour but the far number of complaints about the intrusive UAC box is testament to how many ordinary, daily, Windows tasks require administrative privileges - not necessarily due to legitimate need, but often just bad programming.
By contrast, Linux users are well accustomed to the notion of having an "ordinary" login, separate from root, with no special enhanced system rights or access. A good deal of the credit for Linux' security and general virus-resilience is due to this natural, ingrained self-constrained behaviour.
Assuming this is true, why didn't Microsoft think of this? The company surely has enough money to hire the best and the brightest. Yet it makes fundamental design errors.
Well, in the past, but isn't Vista better? Microsoft has made security a hallmark of Vista, and the reports I've read suggest that it has succeeded (mostly), the only problem being user aggravation at UAC (see above). So has Microsoft learned its lesson?