Much of the security that comes with most Linux distros is due to how software is installed. On Windows, you typically install random .exe files online and have to put your trust in whoever provided you with the installer. On Linux, it’s much more common to use a package manager to install packages, which means you are putting your trust in the package repositories instead, which can be policed by the maintainers who can decline to add suspicious packages.