"..it is important to note that most modern Web browsers – including Internet Explorer, Firefox, and Opera – have added anti-malware blockers that provide early-warning systems when users attempt to surf to a rigged Web site. These blockers provide good value but, because they are blacklist-based, they do not provide 100 percent protection to Web surfers.
The most practical approach to defending against drive-by downloads is to pay close attention to the patch management component of defense. Specifically, users should —
* Use a patch management solution that assists with finding – and fixing – all third party desktop applications. Secunia offers two tools – Personal Software Inspector and Network Security Inspector – that can help identify unpatched applications.
* Use a desktop browser that includes anti-phishing and anti-malware blockers. Microsoft’s Internet Explorer, Mozilla Firefox, and Opera all provide security features to block malicious sites.
* Enable a firewall and apply all Microsoft operating system updates. Avoid using pirated software which has its updates disabled through WGA.
* Install anti-virus/anti-malware software and be sure to keep its databases updated. Make sure your anti-virus provider is using a browser traffic scanner to help pinpoint potential problems from drive-by downloads.
These steps toward managing the vulnerabilities continue to offer the greatest, most valuable protection against drive-by download attacks." – Content courtesy of Viruslist.com – Drive-by Downloads. The Web Under Siege