You do know that "desktop linux" and "server linux" are the same thing, just with different default programs and configuration styles?
I'd agree that yes, distros meant for desktop usage have less secure defaults, but that's not necessarily to say they're "less secure" if you understand how you're using them.
But Gnome runs as the currently logged in user, right? So the worst damage it can do would be to files that that user has write permissions on (ie, not system files).
Unless your entirely hypothetical scenario involves privilege escalation vulnerabilities, which I'll admit aren't unheard of in Linux but are fairly rare and usually patched within hours when they are discovered.
This is the case with the vast majority of Windows malware as well. System files aren't important; sure, you need them to run the system, but it's not like you can't reinstall. The issue is damage to user-owned files, no matter which OS you're talking about.
I'd agree that yes, distros meant for desktop usage have less secure defaults, but that's not necessarily to say they're "less secure" if you understand how you're using them.