Friend used to run his webservers on Amigas about two decades ago, back in a time where the time of hooking up an unpatched Windows system to a 100MBit connection would have it infected before you could start updating it. "Of course the webserver there is horribly insecure, as there haven't been new releases in years, but it's so obscure that none of the exploits work"
Did that time end? I'm pretty sure it's still a very bad idea to make a system with common serious vulnerabilities even briefly publicly reachable on ipv4.
If you install Windows XP from the release CD and attach it to the public internet, and let it sit, unless your ISP filters out the file sharing ports, I think it will get taken over fairly quickly. But windows vista and later don't make services available by default.
It's also very popular for ISPs to drop traffic on the windows file sharing ports, because it's almost all either malicious or at least unintentional.
