It's the same assessment level but may or may not be the same exposure level.
While Microsoft does not assume that attackers haven't seen the source code, we cannot say how many people who are capable of spotting security issues have reviewed the code.
That being said, it's worth also saying it's a hard comparison to make overall; it's possible there are important parts of the Linux code base that have in fact had less eyes on them than Microsoft has had on theirs; without numbers it's hard to be certain.
While Microsoft does not assume that attackers haven't seen the source code, we cannot say how many people who are capable of spotting security issues have reviewed the code.
That being said, it's worth also saying it's a hard comparison to make overall; it's possible there are important parts of the Linux code base that have in fact had less eyes on them than Microsoft has had on theirs; without numbers it's hard to be certain.