Because knowledgable Linux users don't browse arbitrary web sites
as root perhaps?
Take a look at some of the current Windows exploits, many don't
require _any_ user intervention except visiting a compromised web
site (the animated cursor exploit, for example).
Jerry
Sure in order to just think Linux the users need to have at least some
knowledge. Unlike those, Windows users just get the system from the
store/school/work and start using it without much thinking. While
school/work PC is most of the time set up more or less right - that is
with limited user account, antivirus, firewall, etc., the one that
comes from the store boots up straight to Administrator account, not
even ctrl-alt-del required, and the password is blank. The users that
know change it. However most of the users don't know and/or don't
care. And that kind of user is also the one to most likely install
animated cursors and other crap that oftentimes comes with trojans
attached.
Guess who is more likely to be caught for drunk driving - the ones
coming back from child play date, or the ones coming back from a
football game with usual tailgate beer bash? Maybe not a direct
comparison, but you've got the point.
NNN