Symantec Global internet Security threat report
to protect against malicious code that installs itself through a Web browser, additional measures should be taken. the use of ipS technologies can prevent exploitation of browser and plug-in vulnerabilities through signatures and behavior-based detection in addition to ASLr. End users should employ defense-in-depth strategies, including the deployment of antivirus software and a personal firewall. Users should update antivirus definitions regularly. they should also ensure that all desktop, laptop, and server computers are updated with all necessary security patches from their software vendors. they should never view, open, or execute any email attachment unless it is expected and comes from a trusted source, and unless the purpose of the attachment is known.