Instead of fixing this -- and to maintain backward compatibility -- they've always applied security models further up the tree, closer to the apps and the user. As a result MS has more and more complex security controls but is less secure. This complexity and security bloat results from trying to patch a boat that's full of holes in its fundamental design.
Secure boot is needed for the same reason lots of other controls are needed -- to make it harder to permanently screw the system once you've gotten malware onto it. This is so important because it is historically so easy to get malware onto Windows.
Sorry, then nothing I say will change your mind. It would be a waste of my time.
Everything. I mean literally everything. Every single sentence.
First of all... calling NT 'not multi-user' is laughable. Anyone who knows anything about OS design knows that NT was designed from the ground up to be multi-user - with an extremely well thought out token/object security model that was hands down superior to any other general purpose mainstream OS at the time.
Secondly, secureboot is not an active security model. It is a one-time validation of a chained-loading sequence from the uefi/bios to the OS kernel. It has nothing to do with "patching holes" in NT. NT is already a highly secure operating system. In fact, there have only been a very small number of kernel vulnerabilities ever found in NT compared to most other widely used OSs.
Secure boot is also nothing new. They have been using something similar on the Xbox 360 for years. In any case, Secure Boot is an OS agnostic general security 'best practice'. Many Linux distributions are also adopting it.
So in the end, worse is better, because it is usable in practice by people with deadlines.
Similarly, in the Linux world, SELinux provides much better security. But then again, very few people know how it works and how to configure it, so even when it is enabled, it relies on policies supplied by the OS vendor.
The problem is you're comparing two unequal things and calling it even. Linux clearly has had to deal with several challenges in improving its design due to its UNIX heritage (time-sharing OS, synchronous I/O, blocking syscalls, etc), while NT did not because it was a fresh design.
Frankly this type of discussion is more suited for a comparative analysis type paper than the comments section. Also, FWIW - I don't claim any special expertise or knowledge on OS design, it's simply a topic of general interest of mine.