In a paper (PDF) presented at last month's HotBots 2007 conference, researchers from Google say they've found malware downloads lurking on 1 out of every 10 Web sites visited. For this study Google analyzed 4.5 million URLs. The researchers determined that 450,000 of these contained some form of malicious code. The researchers identified four methods used to infect the unsuspecting Internet surfer. One is site-based, such as compromises in Web server security, but the others involve common user activity such as downloading user-contributed content, clicking Web advertising, and installing third-party widgets.
The research authors do not proscribe a solution, rather they conclude that the code used to infect innocent computers changes rapidly, making a survey such as theirs hard to complete. Recently, CNET reviewed several browser companions that analyze and rate Web site search results, protecting you before you click.