In his blog, Sophos technical expert Chester Wisniewski said that his research team loaded a full release copy of Windows 7 on a clean machine, configuring the PC to follow the system defaults for User Account Control (UAC) and did not load any anti-virus software.
"We grabbed the next 10 unique [virus] samples that arrived in the SophosLabs feed to see how well the newer, more secure version of Windows and UAC held up", he said.
"Unfortunately, despite Microsoft's claims, Windows 7 disappointed just like earlier versions of Windows. The good news is that, of the freshest 10 samples that arrived, 2 would not operate correctly under Windows 7", he added.
According to Wisniewski, users still need to run anti-virus on Windows 7, noting that: "Microsoft seems to be saying that Vista is the least ugly baby in its family. You can be sure the next report will highlight its even less ugly younger sibling, Windows 7."
"Why do I say this? As of October 31st www.netmarketshare.com states that Windows Vista has a 19% market share against Windows XP's 70.5% and Windows 7's 2%. Approximately one in five Windows users is using either Vista or Windows 7. These users often have newer computers, automatic patching, and firewalls and anti-virus software in place."
"With millions of hosts still infected with Conficker, ZBot and Bredo, it is obvious a lot of unprotected machines are still out there, and it is no surprise that most of those are XP."
Commenting on Wisniewski's blog, Richard Kirk European director with Fortify, the application vulnerability specialist, said that the problems of Windows 7 are indicative of the sheer volume of code that goes into operating systems today.
"When you factor in the issue that there are often more than a million lines of code in a typical Windows application, you begin to understand the scale of the problem for software developers", he said.
According to Kirk, the only piece of good news to come out of the Windows 7 vulnerability reports is that two of the eight pieces of viruses loaded in the tests did not run correctly under the new operating system.
And, he said, since there are a range of free-to-use anti-virus applications - as well as a plethora of low-cost pay-for IT security suites available - the problem is not a major one for most Windows 7 users.
"When you realise that most new machines come bundled with some form of IT security software, it's not such a big deal", he explained.
"The volume of code-auditing and checking that is required for a modern operating system and its applications software is a big deal, however, and one that companies using customised or in-house-developed applications should be aware of", he said.
"This is one of the reasons our company was founded and, as our growing base of clients have discovered,addressing security issues throughout the software development process can save a lot of grief further down the line."