That’s probably closer today than it was then. The added complication being that client is probably not thin enough for them to return to mainframe model which would be vastly easier to monetize.
Besides we got WSL out of the bargain, so at least inter op isn’t a reverse engineering job. Its poetically the reason linux ended up killing the last few win sever shops I knew. Why bother running win sever x just to run apache under linux. Why bother with hyper v when you can pull a whole docker image.
If the fortune 500 execs are sold on microsoft ita mostly as a complicated contactual absolution of cyber security blame.
This is always a spectrum from how long it was since the last Debian stable release. So about 2 years max.
Modern release cadences make it crazy anywhere but Debian, but security patches are very timely. If you’re dealing with newer features, driver support or java/npm packages you’re probably also outside the typical defaults, but there’s generally some people working to keep the common ones up to date.
Still not my preferred way to handle updates and in some cases… kind of abusive to the maintainers who constantly haVE to deal with bug reports from “out of date” Debian users. The xscreensaver maintainer has some choice words. But it works, has for years with no sign of slowing.