I'll agree with you straight up on Firefox addons as well as Flash and Acrobat which are in the repos. However my experience (ymmv) with users on Linux is that if your smart enough to Sudo install software your smart enough to protect yourself and verify your sources. The average home user won't use the command line to install software, if its not in the repositories. If I remember correctly, Ubuntu by default is set to pop up the update manager daily. I think they do some updates automatically in the background as well, but I couldn't swear to it. As I said, I'm not claiming Linux to be unhackable... just that there are some legitimate areas where it is by default more secure. I'll also admit that MS is making great progress with their newer systems and we can hope that this trend continues.

Most people probably use the central repositories which mean that they aren't running random code, but rather only code that has been admitted into the repostitory. In addition use of the Linux repositories means that ALL your programs get updated as the updates are available, compared to windows where individual software either has to install its own update, or wait for the user to manually check for an update. Its also worthy to note that until Vista/7 users pretty much had to run as admin to actually use their computers. This left the entire system open to attack rather than just the user account. Making this a habit among Windows users has led to lots of users disabling UAC in 7. This is not to say that Linux is not succeptable to virus/malware/idiot user, but you did ask for specifics and those were the first 2 I thought of.

Not to mention that NOBODY uses a stolen credit card to pirate music even if they liked it. They'd hop on the P2P of their choice and download it. Any song with that many "Sales" would be on all of them.

Aye the ease of installing is great... almost enough to offset the pain of figuring out what you need to install. Granted once you've found the correct package everything usually works great.