The Sophos team wanted to test that assertion, so they installed a full release copy of the new OS on a previously cleaned computer, kept the default values for User Account Control (UAC) and didn't install any anti-virus software.
They then proceed to infect the machine with 10 unique samples of malware that SophosLabs received last. The result wasn't good for the users (although it technically is a good result for manufacturers of anti-malware software around the world): only 2 out of 10 failed to operate!
The conclusion? If you installed Windows 7, don't forget to use anti-virus software.