Hi folks,
M$ wil always have the advantage now of integrating the browser that deep into the OS with all the benefits for them, and the general disadvantages for those who have to deal with the browser vulnerabilities, e.g. the end-users. There are two things that you could do about this: use admin rights only when you absolutely cannot do without. For all other occasions, that is under normal circumstances, browse with normal user rights only (still there is the fact that the browser has normal system's rights, which is a bit super, maybe this should change for the future). Then another thing is to let the whole of IE run inside a sandbox so that after one browser session you can "throw"that session out so to say. With SP2 they "overhauled" already 50 features to make the OS more secure, but more has to be done for sure. In the Vista days there will be stronger authentcation still, stronger validation still , less or no "tinkering-possibilities" or only for the smart ones, and surfing neatly with your hands tight behind your backs. Handling the OS becomes more and more restrcted for the avaerage user, we already lost full dos-support, the dark side of this is where the "as default" situation is not secure, we all have a problem. Windows is a nice OS, but not out of the box. Understand me right here, no system is secure as it comes out of the box. These issues have to be tackled first always.
polonus