How to make your browser super-secure

PDF protection

Some add-ons introduce new vulnerabilities, though. Malicious PDFs are regularly used to infect PCs via flaws in Adobe Reader, yet you can protect yourself from many of these with a simple tweak: click Edit > Preferences > JavaScript, and clear the Enable Acrobat JavaScript box.


ACROBAT FIX: Most PDF files have no need to use JavaScript. Turn it off for an instant security boost

You may break some more advanced PDF files - animated slideshows, for instance - but most will work just as before, and you'll have blocked most PDF-related malware.

Standard user

Create a standard user account, rather than an administrator (in Vista, click Control Panel > User Accounts > Add or remove user accounts > Create a new account). Log in using this, if only for browsing, and Windows won't let you install programs or change system settings. You can bypass this by entering an administrator user name and password, but most malware will be unable to infect your PC.

Limit your rights

If a standard user account proves too inconvenient, and you're running XP, then a small Microsoft tool called DropMyRights might help. Use it to create a shortcut to run your browser, say, and DropMyRights will launch the program without any administrative rights. Again, it'll be harder for malware to infect you, but other programs will work as normal with no security hassles.

Update everything

It's vital that Windows is set up to install security patches just as soon they arrive, of course via Windows Update.

The operating system is just the start, though. What about your installed applications, utilities, plug-ins, components like Java? Any unpatched program could be vulnerable to an exploit.


PATCH YOUR APPS: Secunia PSI detected an alarming number of unpatched programs on our test PC

Make sure that any programs capable of going online to check for updates are allowed to do so. Then run Secunia Personal Software Inspector, which quickly scan your system, then detects and warns you about insecure, unpatched applications.