to saying you've improved your house security by putting basic insect screens on the windows to keep the bugs out.
Hackers and writers of malware have been around since the the 1980s. They were NOT a huge issue for Windows until Microsoft made a couple of major design changes in how they did their software. Prior to the release of Win 95 you installed DOS, then loaded applications on top of the DOS operating system, some of those apps were Windows, Word, Internet Explorer, Excel, etc. In each case whatever went on in the application happened OUTSIDE the security perimeter of the operating system and the OS itself was very secure. With Win 95 Microsoft took deliberate actions in their design that greatly reduced security and have done nothing about fixing them since, those actions were:
1. Add shortcuts into the operating system kernel to allow the Microsoft applications to run faster, thus giving their apps like Word, Excel, etc and advantage over third party apps. This provided a means to bypass all the security checks that protect an operating system from malicious code opened in an app.
2. Build certain application right into the operating system kernel like the GUI and the Internet Browser. This provided a number of open doorways for malicious code to bypass all the security systems and enter the operating system kernel as well.
3. They rejected the concept of tiered user access built into the operating system from the ground. Thus the default access level is for full control as the system administrator.
Since then Microsoft have taken over a decade to realise they made some mistakes in doing this, but they've not gone back to fix the problem code, but have simply tried to bolt on external fixes in the hope they can mimic proper security. User accounts and UAC are the most obvious aspects of this approach.
Now I noticed you touted the Trustworthy Computing Initiative, sorry, but it's just a slightly watered down rehash of the Palladium Secured Computing concept Microsoft put out in the mid 1990s and got shot down in flames as the aim of it all was to push for total vendor lock in such that your Secured Windows system would only trust and talk with another Secured Windows system. Nearly all of the Microsoft claimed security upgrades and improvements since Palladium got shouted down have been a step by step introduction of Palladium by stealth. Even so, all the underlying security problems in Windows are still in place and still causing troubles for Windows.
Other operating systems that are designed without those underlying problems have a great deal less security issues to worry about - like Unix and Linux.
