in them. They get patched frequently but each major new version has new holes! The basic problems are often the user & such script items as
Flash, Shockwave (also run thru Adobe Reader etc). These items have as much control over your machine as you do at the keyboard!! Likely more because they perform whatever in micro-seconds and you react MUCH more slowly! That why one must be very careful with these.
At present, I suggest Firefox &/or Sea Monkey as preferred particularly WITH the NoScript add-on added! NoScript blocks all scripts upon reaching a site. Available for Both FF & SM.
When you click on the NS icon at bottom right of screen, it lists who is trying to run scripts on your machine and you can allow/allow temporarily for this visit/deny each one individually.
Smart, safe sites try not to require Scripts for the main page but might need for log-on or for bouncing between various pages there.
My rule of thumb is to leave all blocked or if need be ok ONLY the main site name. If a flash player or whatever is embedded & blocked, putting your cursor over the "F" icon displays who controls the player and I might ok ONLY that one also. Unless it's a site you trust and visit often, I prefer Temporary ok always.
Infection comes thru any incoming opening whether in Mail, Chat, Messenger, News Groups, Facebook, My Space, any toolbar, any remote printer share,desktop,online help, cloud service, etc. Browser isn't the only hole to worry about!
Unfortunately, I spend more time updating than browsing! Eurk!!