just assume its always vunerable
I use a setup where I have two machines - my main machine is Ubuntu and I remote desktop to my windows 7 machine for windows only stuff, so its semi-seamless between the two. I only use my browsers on the ubuntu side and try my best to not do any internet access from the windows side and avoid inserting strange USB sticks, etc, since my windows work involves a lot of USB debuggers and devices, so I can't just put glue in all the ports. Not that I assume Ubuntu is not vulnerable to anything but odds are much lower, if nothing else than from relative obscurity. I do periodic windows backups and git source control to a local linux server, to avoid ransomware.