Windows 7 was touted as a big improvement on Vista, security aspect included.
The Sophos team wanted to test that assertion, so they installed a full release copy of the new OS on a previously cleaned computer, kept the default values for User Account Control (UAC) and didn’t install any anti-virus software.
They then proceed to infect the machine with 10 unique samples of malware that SophosLabs received last. The result wasn’t good for the users (although it technically is a good result for manufacturers of anti-malware software around the world): only 2 out of 10 failed to operate!
The UAC managed to block by itself only on sample, and that is definitely not good enough.
The conclusion? If you installed Windows 7, don’t forget to use anti-virus software.