Sophos has warned that a bare bone Windows 7 is not secured and is prone to malware attacks. To prove this, “SophosLabs loaded a full release copy of Windows 7 on a clean machine, and configured it to follow system defaults for User Account Control (UAC) and didn’t load any anti-virus software. They then feeded 10 unique samples arrived in SophosLabs to see how well newer, more secure version of Windows and UAC held up. Unfortunately, only 2 of 10 samples would not operate correctly under Windows 7. User Account Control did block one sample. Lesson learned? You still need to run anti-virus on Windows 7,” Sophos blog.

List of samples: