It probably doesn't have much to do with a side by side comparison of the current OS architectures, but there is a lot of historical inertia behind the current state of the Linux and Windows ecosystems. Windows originated as a graphical shell for DOS, which was mainly a single-user, single-process system. Linux originated as a multi-user, multi-process system since inception. Throughout a long period of Windows's history, these habits lingered among third party developers (developers developers developers) out of convenience or simple necessity for backwards compatibility with other third party components. Even when the NT kernel became the universal Windows kernel with Windows XP, a lot of third party software development adhered to the assumption of a single user machine where the user runs everything with admin privileges. They simply ported their old shit over from (DOS-based) Windows 98/ME and did the bare minimum to make it run on NT. This only reinforced users to run everything as admin, because all sorts of things would break otherwise (admittedly, mostly games and retail shit, but a lot of third-rate enterprise software and harebrained in-house solutions also carried these assumptions forward).

This has all been pretty much remedied by year 2024, but a lot of these virus scanners and "security" apps still bear the marks of history, running in ring 0 as kernel modules and root-kits to one-up the end-user who is running everything as an admin. The fact that we're even doing third-party security apps in 2024 is the real failure. This stuff should be (and is, to a large degree) built directly into the OS. This stuff only exists because redundant middle-managers throughout corporate America cannot resist being conned by vendors.