By far, the majority of active exploits on Windows 7 systems are browser plug-in based. Very few exploit holes in the operating system or browser itself. I think you are clinging to an outdated viewpoint here.
I am no fan of Microsoft's traditionally lax approaches to security...but credit where credit it due. Windows 7 is a good operating system. It has it's flaws, but then again, so do all the competitors. OSX can be pwned by trojans, and gods know Linux sure can.
But all three operating systems suffer from the same two attack vectors: social engineering the user into doing something stupid...or browser plugins running amok. I am certain there /are/ operating-system vulnerabilities for each. There always are. But the point here is that a fully up-to-date Windows can still be made a very safe place to play.
I prefer the heightened awareness that a decade of Microsoft faceplanting has brought to security on PCs. People are /wary/ of things when they use Windows. They expect that behind every link is a boogyman, that every attachment will nom their system.
It's better than the false sense of security you get from Linux or Mac. Hell, the Mac Sandbox is a trap! http://arstechnica.com/apple/news/2011/11/researchers-discover-mac-os-x-has-its-own-sandbox-security-hole.ars
I’m not trying to big up Microsoft here. I use CentOS most of the time, because MS are greedy basrtwards whose VDI licenceing is absurd. I would not be surprised to learn that each line of Microsoft’s VDI lisencing documents are written with the blood of kittens.
But honest credit where credit is due. Windows 7 is not Windows XP. And IE9 is not IE6. IE and Windows have come a long way. They aren’t quite “as secure” as Macs ro Linux in every possible way…but they have an entire industry devoted to helping increase that security, and they don’t pass along a false sense of reassurance that gets their users pwned either.
As far as I can see, it's really six of one, half a dozen of the other. Application availability, compatibility and endpoint management are far more significant concerns to me than the theoretical vulnerability of an oprating system or browser based on unproven assumptions and outdated predjudices.
And now...back to trying to build a CentOS install disc that uses XFCE as the default instead of Gnome...