You are comparing with XP. XP does not have User Account Control. Everyone run as full administrator by default... and if you don't... well expect issues with non-enterprise ready software. It's a mess of an OS, and has more security holes than a wood log infested with termites. It's for a reason Microsoft scrap it and pretty much restarted from scratch. 6 years later.. you have Vista, then Windows 7. The place I used to work, when I used to work as IT before doing soft. dev. When we switch to Windows 7 from XP, we saw a drastic reduction in malware/virus infection (it's at 0 since Win7 was adapted, which was a few months after its release), and also we saved a lot on the electric bill, thanks to Windows 7 (well Vista) improved power management system. Anyway, XP is a very old OS, based on the original NT, that is a 1993 OS. All it's weaknesses in security are well known by people doing these viruses, and malware. A famous virus attack we had in XP, was people opening an e-mail an executable, a fake anti-virus, which, without restart, can turn the account, despite on the domain under very restrictive policies (but non a mandatory profile, as we wanted program settings and Windows settings to carry with them), to become Administrator, delete all personal files, and places it's viruses, pop-up malware, and redirect websites to a proxy server to, possibly, start stealing bank account information.