Re: Really .....
"I have been running Windows 7 for years with updates turned off and basic free AV."
I concur, though my updates have always been in 'manual'. And they stopped getting installed when GWX was excreted from the hideous bowels of Micro-shaft. And besides, when it takes an entire DAY to 'scan for updates', something is wrong with the process...
With the use of 'safe surfing', vulnerabilities are MUCH LESS of a problem - even on an un-patched windows machine!
1. don't use Intarweb Exploiter. *EVAR*
2. use 'noscript' in Firefox, if you MUST go online with a windows machine. be aggressive with noscript. don't be fooled by "you cannot view the content".
3. NEVER view e-mail in HTML format. And don't view images 'inline' either.
4. NEVER open a flash video, or a PDF file that was mailed to you, with Adobe's reader.
5. Don't use MS Office to open 'attached document files'.
6. NEVER use MS Outlook for e-mail. *EVAR*
7. NEVER have a public IP address on your windows computer, without some SERIOUSLY AGGRESSIVE EXTERNAL FIREWALLING. This includes IPv6.
8. Do *NOT* trust Microsoft "anything" for security. This includes BOTH their firewall AND their virus scanner.
Do this, and you could continue using WINDOWS XP without any worries. Seriously.
(and use Linux or BSD for all of your web-surfing needs - it's probably using the SAME browser anyway!)