Here is what a German federal agency experienced when they set up two Windows 7 systems. None of this is really news, but it validates our decision to focus our internet browsing through the Chrome browser and to avoid Java as much as possible.
"According to the study, the agency tested two different Windows 7-based systems. Both OSes were up to date with the latest available patches and also used Microsoft's free antivirus product, Security Essentials. One system used Google Chrome 21, Adobe Reader X, Libre Office 188.8.131.52 and a standard user account. The other one had IE9 installed alongside an older versions of Adobe Reader (version 9.4) and Libre Office (version 3.4.3). The system also had a year-old version of Java Runtime (version 6, update 26), along with an older version of Adobe Flash and an administrator account.
The government agency then compared those results to an older installation of Windows XP. There, a total of 88 attacks were able to exploit and infect the targeted computer."
Here's happens when security watchdogs ignore their own advice | ZDNet