Well, the paranoid can install the McAfee SiteAdvisor browser plugin even on Linux, I think. The Mozilla folks constantly update Firefox (Iceweasel on Debian) for security, and Debian maintainers are always busy dropping the latest versions of upstream software into Debian Unstable. Debian Testing users get the updated product when it's been tested ready (and sometimes from the Debian Security repo) and Debian Stable users get the updates when the Debian Security repo gets them in there.
Not sure how OpenOffice does it but I believe it uses a system other than macros.
Stuff can be embedded in files that won't have an effect when used on Linux but then when shared with a Windows user CAN infect the Windows computer. That's why folks using Linux sometimes install a Linux anti-virus software (Debian has them available too) to scan stuff they're going to transfer to a Windows machine.
Heh, some folks who dual-boot and are browsers of porn sites will boot into Linux to do that so they can safely drool without worries about their computers.
I mean, it's pretty darned safe in the world of Linux as the vast majority of parasites out there only have effect on Windows. Even running some of that stuff using Wine, executing away, has no effect. You start the exe file and nothing happens because it doesn't have anything to hook onto and run. Even if your fake Wine Windows folder has what it needs to run, you can then simply delete that fake drive and run winecfg or wineprefixcreate to start over fresh.
How come the investigation? Just to learn, or are you considering this stuff before trying out Debian?