You can remove windows in quite a few more clicks, but it's ultimately worth it. Though I wouldn't put it past Canonical to add ads to the default desktop at some point.
At some point it's going to be worth calculating whether malware (the vast majority of which is mitigated by not running as admin) or the latest update is going to be more disruptive to your workflow.
At least on the systems I manage, workstation updates have been responsible for a lot larger share of the same kind of problems (data loss, availability loss, etc.) that I am starting to get questions that I don't have very convincing answers for.
I would rather have malware ---- at least it happened under my control.
However, I really wonder what kind of attack surfaces I may have, if I have zero exposed ports, never plug in any drive from untrusted sources, and always double and triple check any program before running? I haven't used any antivirus(including windows defender) since I got my first computer and never got any virus, also I monitor my running processes frequently and have an adequate knowledge of windows internals. Malwares are not like COVID-19...
PSA: Search for something called lolbin. Short for "living off the land binaries". Not every malware needs to have it's own process or will be easily identifiable when looking at a process list.
