From Roger's article:
Sadly, I still see computers with no antivirus or software firewall. Most of the infected computers I help with have P2P programs installed and vulnerable versions of Adobe Reader and SunJava. Not even Microsoft.com is in the Trusted Zone on my computers. As evidenced by Kaspersky and Symantec, even trusted websites can be impacted by an SQL injection.