Don't forget that security vulnerabilities depend on many factors including the current configuration at the time. If you allow scripting, activex, downloads, etc. for all sites of course you will soon be infected, since that is how most of the exploits work. If you 'opened up' FireFox, you'd see pretty much the same result.