The proper answer may be to keep your system updated, but that relies on the software vendor pushing updates out quickly. I trust some Linux distros for this, but exactly 0 proprietary closed source OS vendors.
And even if you do your best to keep up to date, updates can fail for many reasons. If you're not manually going and installing updates EVERY day, you're possibly open for attack.
One computer at my last job, which was left with it's government supplied image, was supposed to get updates from a government supplied server... However it never did, which lead to it being open to Conficker and other such fun.
And lets not forget that some malware goes out of it's way to prevent updates installing, but remain hidden from the user, who may think they're perfectly safe.