Aaah, this goes down like oil. Often, when talking to people about IT security (i.e. daily) I start feeling like an anti-Microsoft zealot (which I hope I'm not, although I do have lots of reservations agains the company). So it was very satisfying to read the following snippet of Bruce Schneier over at BoingBoing

Operating systems: If possible, don't use Microsoft Windows. Buy a Macintosh or use Linux. If you must use Windows, set up Automatic Update so that you automatically receive security patches. And delete the files 'command.com' and 'cmd.exe.'

Applications: Limit the number of applications on your machine. If you don't need it, don't install it. If you no longer need it, uninstall it. Look into one of the free office suites as an alternative to Microsoft Office. Regularly check for updates to the applications you use and install them. Keeping your applications patched is important, but don't lose sleep over it.

Browsing: Don't use Microsoft Internet Explorer, period. Limit use of cookies and applets to those few sites that provide services you need. Set your browser to regularly delete cookies. Don't assume a Web site is what it claims to be, unless you've typed in the URL yourself. Make sure the address bar shows the exact address, not a near-miss.

HOWTO make your PC more secure, by Bruce Schneier(Via Boing Boing Blog.)