Depending on what your threat profile is, if you are being targeted by nation-state actors, you do not have the best chance of coming out the other side unscathed. I don't think that switching from MS to various open source infrastructure is going to help you, especially when you consider the fairly reasonable reality that most advanced state actors probably have multiple zero days in various software projects stored in case they need to use them.

I have a hunch that if you choose super legacy systems such as Novell the malware might not even recognize it.

Your best long term strategy is to switch to environments that don't use ambient authority as a foundation.