http://www.ccianet.org/papers/cyberinsecurity.pdf
The title and subtitle of this paper pretty much sum it up: "CyberInsecurity: The Cost of Monopoly; How the Dominance of Microsoft's Products Poses a Risk to Security". Despite its alarmist title, it is written by a bevy of well-known security analysts from all sections of the IT industry, and presents an argument for a diversified software ecology clearly and concisely.
The report makes a point that is worth quoting: "The average user is not, does not want to be, and should not need to be a computer security expert any more than an airplane passenger wants to or should need to be an expert in aerodynamics or piloting.". The tendency to "blame the victim" in many of these cases is totally misplaced, and in fact impedes potential solutions.
A short commentary on this paper is available here:
http://mcpmag.com/news/article.asp?editorialsid=613
and a more extended commentary with reflection on the wider issues is available here:
http://news.com.com/2009-7349_3-5140971.html
Another more recent rebuttal is here:
Posted by jho at September 26, 2003 10:26 AM