A friend of mine suggested that I should include as boilerplate in my security stories, a line like: "Of course, if you were running desktop Linux or using a Mac, you wouldn't have this problem." She's got a point. Windows is now, always has been, and always will be insecure. Here's why.
First, desktop Windows stands firmly on a foundation as a stand-alone PC operating system. It was never, ever meant to work in a networked world. So, security holes that existed back in the day of Windows for Workgroups, 1991, are still with us today in 2009 and Windows 7.

Most of these problems come down to Windows has IPCs (interprocess communications), procedures that move information from one program to another, that were never designed with security in mind. Windows and Windows applications rely on these procedures to get work done. Over the years they've included DLLs (dynamic link libraries), OCXs (Object Linking and Embedding (OLE) Control Extension), and ActiveX. No matter what they're called, they do the same kind of work and they do it without any regard to security.

The link for this article located at IT World is no longer available.