Another recycled Quora answer.
The main reason is fairly simple.
Windows was designed to be easy to use, and to be compatible with older Microsoft operating systems, notably 16-bit Windows and DOS.
So, for example, by design, it treats any file with certain extensions (.EXE, .COM, .CMD, .BAT, etc.) as executable and will try to run them.
In contrast, Unix systems do not do this. They will not run even executable files unless they are specifically _marked_ as executable _and_ you have permissions to run them, and by default, Unix does not look in the current directory for executables.
This makes Unix less friendly, but more secure.
Microsoft also made other mistakes. For instance, it wanted to promote Internet Explorer to prevent Netscape getting control of the nascent browser market. To do this, it bundled IE with all copies of Windows. This was challenged in court as anti-competitive — which it was — and a demonstration was staged, in court, by intellectual property expert Lawrence Lessig, showing that IE could be uninstalled from Windows.
To counter this, MS tied IE in more deeply. So, for instance, Windows 98 has a multi-threaded Explorer, based in part on IE code. Window contents are rendered to HTML and IE then displays that content.
This means that all a hostile party has to do is embed a virus into a suitable image file, such as an icon or a folder wallpaper, and IE will render it. Exploit that IE process and you own the computer.
Ditto, IE is used to render HTML Help files. So, put an exploit into a help file, and you can own the computer.
Because MS wanted to counter Adobe Flash and Sun Java, popular ways of embedding interactive content on web pages, it designed its own: ActiveX. ActiveX is basically OLE (Object Linking and Embedding - Wikipedia) in HTML, but OLE was designed for local MS Office documents, or ones on a trusted local network. ActiveX runs over the Internet, but treated it like a LAN. It fetches binaries off remote servers and executes them. This is disastrously insecure design. The Internet cannot be trusted; all non-local machines should be treated as hostile by default, but MS’ pressured designers failed to realise this.
Because of poor design like this, focussing on ease-of-use not safety, Windows is easy to exploit. It is fairly straightforward to inject hostile code into Windows, whereas it’s much harder on Unix boxes.
Windows apologists will deny this, but it is factually accurate and a demonstrable fact.
So, Windows is less secure than other OSes. As a result, it is necessary to run anti-malware protections at all times on Windows machines. Every file must be scanned before it’s opened. Everything must be treated as suspicious, because the underlying OS design trusts everything.
Unix trusts nothing until it’s told to, so Unix doesn’t need this.
So at all times, on your Windows box, a background process is reading all your files, checking them against a database, making sure they are not in a list of known bad stuff, and then letting Windows run them.
(This model is also flawed: what if they’re not in the bad list *yet*? Oops, too late, someone else now controls your computer. Sorry about that.)
This necessity for ubiquitous antivirus kills Windows performance, but the alternative — to do without it — means your machine could be destroyed by the first website you view or the first USB drive you connect.
And there’s nothing MS can do about this except by making a version of Windows that can’t run any existing Windows software or use any existing Windows-supported hardware. So the company is trapped in a prison it made for itself.
It’s necessary to spell this out because the Internet is full of young people who know nothing else _except_ Windows and know nothing of its design compared to rival systems. If they know any other OS at all, it’s something like Linux, which in many ways is very similar to Windows in construction.
Thus, they deny this charge, because they think it’s someone being unfair to their preferred OS or company.
But every point in this is readily confirmed if you do some research. It is all objective fact. I’ve been working with Windows since v2.01 in 1988 and I can demonstrate all of these statements. Go check it and confirm it for yourself.