The reason why Windows is not more secure is due to a December 2009 agreement with the EU. This was stated by a Microsoft spokesperson in an interview with The Wall Street Journal.
Competition is healthy, but also dangerous in certain situations
The main reason is that Microsoft agreed that security software has the same access to the OS as Microsoft. The backdrop is, of course, Crowdstrike, a security company, its update to Windows 10 and 11 which gave large parts of the world BSOD, which in turn led to closed online banks, planes on the ground, and a stop to Sky News, among other things.
Microsoft later revealed that 8.5 million machines crashed as a result of a fundamental flaw in its code.
The document ( .doc ) specifies that Microsoft is required to make its APIs for Windows and server editions of Windows available to third-party developers of security software and that the APIs must be documented. Oddly enough, Apple (which even closed kernel access to developers in 2020) and Google are not affected by the same agreement, but it may be a matter of time.
Section 42 states:
"Microsoft shall continuously and in a timely manner ensure that the APIs in the Windows Client PC operating system and the Windows Server operating system used by Microsoft Security Software Products are documented and available for use by third-party security software products running on the Windows Client PC operating system and /or the Windows Server operating system. These APIs will be documented on the Microsoft Developer Network unless open publication would create security risks. In such circumstances, Microsoft will grant third-party security providers access to such APIs pursuant to a royalty-free license and on fair, reasonable, and non-discriminatory terms.”