My parents just started using Windows XP so everytime I go up to visit I try to update and check their computer to make sure everything is running safe and secure. They are on a DSL modem, and have absolutely no firewall of any kind installed except the default OS one.

When I first upgraded their OS to Win XP they were imediately infected by sobig before I even had a chance to finish the install. When I upgraded to sp1a I was similarly immediately hit by another worm before I could disable services and properly tweak and administer patches.

My Question: What is a good way to handle upgrades for their pc? It seems like I almost have to take them offline and install the upgrades from disk so there's no risk of infection. I realize they should get a router or some sort of protection and this will likely eliminate this problem.
However, is this a issue with their network too? What I mean is, it seems like worms and such are running rampant on their network because I never have such problems with my pc. I assume it's because Im behind a router, but then again I'm a newb and completely clueless about these things.

Thanx for your help.