Rootkits can be installed in many ways, including through software updates or through physical access to a system. The suite can include extra access byways via SSH tunneling, unauthorized web services being set up (for the purpose of relaying spam or making the system a zombie in a botnet), keyloggers, and more.
Rootkits are typically targeted at Unix-based systems, however it is conceivable that other systems are equally vulnerable to them, in many cases even more so. Rootkits became so popular on Windows systems that Symantec and other security firms have created software specifically to deal with the problem.
For Windows, Sophos offers a free tool to deal with rootkitting.
Hardware-based solutions have been tried, and have also been defeated by clever hackers.