said by BlitzenZeus:The fact is most malware is ran by users, not by exploits, and with most of them elevating it, otherwise already running as a full admin they let that trojan horse onto the system themselves.
True.
IMO the security of any computer is a function of
both the OS and user using it.
Ignorant users need a more secure OS that prevents (UAC, blacklists etc) them doing dumb stuff.
Educated users can use a less secure OS since they don't do the dumb stuff.