Two security practices go a long way in protecting a computer against security threats.
1. Use a standard account instead of an administrator account for daily use
Using a standard (non-admin) account instead of an administrator account for daily use helps to slow down or stop malware. Limiting user rights also helps restrict what malware can do. This is not a magic fix nor a 100% effective method but it is an easy, quick win that helps greatly to prevent malware infections.
According to sources like the one linked below, this method does help prevent a majority of infections.
A related article by Tom’s Guide: https://www.tomsguide.com/us/standard-accounts-stop-malware,news-18326.html.
2. Keep a computer up-to-date by downloading updates and patches
Keeping a computer up-to-date does more than add or improve features. Developers often issue patches for security holes, or computer/software bugs.
Here is a related article by security-software provider Norton about the importance of software updates and patches: https://us.norton.com/internetsecurity-how-to-the-importance-of-general-software-updates-and-patches.html.
It can be a pain to keep track of all the software installed on a computer, and whether it’s up to date or not. This is where patch management software comes into play. Patch management software analyzes installed programs and keeps track of which ones need updates, all in one place. A schedule can even be created to check for and install updates on a regular basis, thus helping automate this process.
Patch My PC is a good solution for personal computers: https://patchmypc.com/.
Enterprises use various patch management tools to keep their users current. SourceForge has a good list of various options available: https://sourceforge.net/software/patch-management/for-enterprise/.