German office for IT security tests vulnerability of Windows systems
carried out by the BSI. It used two different Windows systems to visit a total of 100 web sites hosting drive-by downloads
(malicious code which spreads primarily by exploiting security vulnerabilities).
One system had been configured as described in the BSI's own recommendations for secure Windows usage. The other was
configured, as many computers are, with Windows updated to the latest version via Windows Update, but with Adobe Reader, Flash, Java and LibreOffice versions which were at least a year old. In addition, instead of Chrome, the second system used
Internet Explorer 9 as its default browser
The results speak for themselves, with the vulnerable system picking up 36 infections from visiting infected websites, whilst the system configured according to BSI recommendations picked up none.