While reviewing the software you are running would definitely help, it is also utterly impractical as a security measure for more than a small fraction of the folks who use software.
This is a large part of why I'm a heavy proponent of Flatpak/Flathub, Snaps and AppImage. The applications themselves may have a heavier payload, but run in relative isolation. It's an overall better option for security. Not to mention app/security updates won't affect the core OS, and vice-versa.
It's not a panacea, but it's the best option for most people. I get why some may not like it though... I don't quite get the visceral resistance though.
Same reason Windows nerds have a visceral resistance to software that costs money, and Mac nerds have a visceral resistance to the idea that window management should be more sophisticated than pixel-hunting through a morass of overlapping crap. Nerds over-invest in a hobby/product, get locked into the inertia, start to identify with it, and must then defend it irrationally.
The amount of money the game studios, Steam and others make would counter your first point... and compared to what, Linux, where nearly everything is free and won't generally pay for software?
You're right, add an asterisk for games. My whole point is the nerd will get stuck/fixated on his original way of doing things, which for a Windows nerd (like my past self) is spending your meager cash to cobble together a custom PC powerful enough to play games as a child/teenager, and pirating everything possible. Windows was The Best OS Ever (because you have no choice) - just like your [Xbox|PS2] was the Best Console Ever (because you couldn't afford both).
Of course, the adult version of this nerd will be able to weave much better post-hoc rationalizations. Head on over to Ars Technica or Reddit or MacRumors or Linus Tech Tips video comments for thousands of examples.
Honestly, my biggest gripe against Windows is the current direction of monetization of users... When I saw ads in my start menu search results, I was out. I've still used it a couple times for work, I still have it on my desktop, and I've booted to that drive twice. I've spent a fair amount of time getting some Windows things running on Linux.
All said, I like and dislike aspects of Windows, Mac and Linux... they all have faults. I'm a bit more forgiving of Windows in terms of security today (after a decade+ of working very diligently at it) than a couple decades ago, when I saw the likes of ILoveYou and I forget the SQL Server one a year or two later. Those were just stupid decisions all around (running email in "local/full-access" security context instead of internet/untrusted). Similar for the SQL issue.
Linux security best practices are to (a) only run open source software with all code changes publicly visible on a version control website, and (b) rely on an expert maintainer to have performed at least minimal review on the software.
Granted, you might sometimes need to run something else, perhaps even closed source software. But insofar as that's considered necessary, the security posture of Linux isn't significantly worse than Windows, where almost everything is installed that way.