It will get infected by a virus through one of a gazillion possible paths.
My Windows system has never had the security patches added, because they are not needed while it is hidden behind my firewall, and not allowed to touch the outside net.
As a result, the process of applying all of the security patches to make it (temporarily "sorta" safe) is a royal pain, as Microsoft's site really wants the system to connect to their site and talk to the site to determine which patches are needed (thus being exposed to the attacks which my firewall sees being attempted against my unix boxes, treating them as though they were running Windows -- and thus failing).
I, instead, would have to log into their site with one of my unix boxes, convince it to give me a list of patches needed, and then burn them to CD-ROM and take them to the box in question to apply the patches.
All in all -- more trouble than I want to go through. I
*know* how to keep my unix boxes relatively secure. I don't know enough about Windows to be sure that I have done everything that I would need to do. And I *certainly* can't depend on Microsoft to honestly tell me all of this, given their track record.The Windows box is used primarily for income tax work once a year, and until relatively recently, it was also used for converting the images from a weird digital SLR to more normal formats -- before "dcraw" was available for unix system to handle almost every weird format. :-) So -- most of the year, it is kept turned off now. The most recent turn-on for it was to try out the "live CD" for installing CYGWIN including their X11-server and their SSH implementations.
Enjoy, DoN.