I find these responses interesting. The question is what the most secure operating system is. To me, the answer to that would be the operating system that goes without incident for the longest period of time with an average person doing average things. Sure, a computer you never turn on is the most secure but then it isn't really a computer at that point. And yes, Unix and Linux tend to have better track records in general, but they usually have trained people setting them up and knowing how to lock them down. Plus, the threat model of a server is much different than the one for a desktop. In addition, Grandma's threat model is much different than that of a corporate drone. If you don't keep all the variables in mind, then you aren't really comparing the same things. It is like asking what car is safer, but then using SUV front-crash results vs. sub-compact car side-impact results.
For example, someone brought up the story (which went viral 14.5 years ago) about how Windows XP took an average of 20 minutes to be exploited after being put on the Internet. However, that was a fresh-install machine connected directly to the Internet (no router, NAT, or firewall), without a host-based firewall enabled, and everything at default settings, including wide-open and world-accessible SMB ports. It was probably even worse with Grandma behind the mouse clicking whatever tickled her fancy. That is nowhere close to comparable to a professionally-administered machine behind the layers of corporate security and "sufficiently" secured (for various definitions of sufficient) before being allowed through the firewall. Until you take those things into account, you aren't really comparing operating systems, you are instead comparing the technical prowess of their users.