Absolutely, The core root is isolated in it’s own partition and no changes from ANY source can be made without super user permission and password. There is no way to access it without you knowing. This alone is HUGE in my book and far outweighs any other small eccentricities Linux might have.
As for a VM, I would rather have the Linux as my secure primary OS and run Windows in the VM if I absolutely have to have MS for some reason. What good is Linux as a secondary OS if the MS primary is still vulnerable? If I need a quarantined OS in a VM to protect my primary I just clone my primary linux as my secondary.
But I have no reason to use MS at all now, Linux has come a long way and fills the need for just about everything MS can do.
One reason: People are more comfortable with Windows at first. I use Linux as a mainframe so I am more comfortable with command line but I know how to use it graphically (X-windows).