Curious to know where the stats came from (not that I think they are wrong). I think that is mainly why MS introduced the auto updating feature in Windows XP. Don't know what the stats of home users vs office users of MS software are, but I suspect most are home users.
Most companies who use MS do have decent hardware firewalls & AV scanners in place, amongst other things, and also check for MS security updates on a regular basis.
Whereas a lot of home users buy a PC in much the same way as you would buy a TV, car, etc. Windows XP has flaws which can be exploited, but potentially it could be a step in the right direction.
Even on versions prior to XP, it was possible to run the 'critical update' service (very simple - just used the MS scheduler) which polled for critical updates on a regular basis (e.g. 15 mins). All these approaches mean you are reliant on MS to provide the updates in a timely manner of course ....

I don't think Matty is being overzealous - on my PC at home I always make sure that my AV scanner is updated before receiving any emails.