It seems that Windows really is a secure operating system. You can stop most of the vulnerabilities of Windows by not running your account as an Administrator. Using a normal User account and only elevating when you need to has been a new standard way of doing things since Windows Vista, but many people change that to run as Administrators all the time. Similar to the way Linux does things (sudo, su), most of what you do can be done as a user, only using the Admin account when you absolutely need to (change system files, install programs). This greatly slows down the way malware and viruses can infect your PC, as they usually need administrator rights to install their infected files.
After tabulating all the vulnerabilities published in Microsoft’s 2009 Security Bulletins, it turns out 90 percent of the vulnerabilities can be mitigated by configuring users to operate without administrator rights, according to a report by BeyondTrust. As for the published Windows 7 vulnerabilities through March 2010, 57 percent are no longer applicable after removing administrator rights.