So windows has always been about giving you a really nice atmosphere at all costs. A very charming interface with lots of character and lots of pretty colours, and so many processes and dependencies running all the time to be accessed whenever they may have a use, making everything so swift and plug and play and instant installations and etc. Basically Windows lets anyone be able to just do lots of things by simple button clicking and stuff. This gives many many loopholes and really straightforward attacks from malicious software and people with bad intentions. We can't fix said problems completely fundamentally. We can turn off unnecessary features and get protection though.
The security updates of the actual operating system don't have to matter too much. You can benefit from disabling things in services.msc, which means many techniques and loopholes that are programmed into malware to attack your system will be reduced. See: http://www.blackviper.com/service-configurations/black-vipers-windows-xp-x86-32-bit-service-pack-3-service-configurations/
Another very important thing is to have an anti-virus, and you want a really proper one, or else its kind of pointless. You want really thorough protection from companies like Kaspersky and Eset. I think the software package Kaspersky Internet Security is best.