Well, I have searched long and wide, could not find better structured article on browser security.
Just head over at http://www.cert.org/tech_tips/securing_browser/ and do what Will Dormann and Jason Rafail tell you.
Best of luck!
Usually, when you install Windows(tm), after installation you’re granted with Admin rights - very convenient to install programs initially, and configure your system.
What people don’t do afterwards, is create a user with Guest priviledge and use it for their daily tasks!
So what you should do?
Once all your applications are installed and your system is fully configured with drivers etc, click on Start - > Run - > type lusrmgr.msc, press Enter, right-click on Users, create a new user, choose a nice password for it, Clear the check-box “User must change password at next log on” . OK. Next, right-click on the user you created, choose Properties, click on the Member of tab, remove Users group, click Add, type Guests in the box, click Ok.
Right-click on the Admistrative user you used until now - be it Administrator and/or other user you selected during installation - and set a long, nice, hard to guess password for it using “Reset Password”. Make up something like “thisisalongandeasytorememberpassword” - some sentence only you know and will never forget, but is impossible for others to guess.
Next time you log in to Windows, choose the Low-priv account you created, and use it for your daily tasks - browsing, working, etc - when you need to perform any administrative tasks, just right-click on an installation file or other executable, choose “Run As”, and type in your Administrative credentials.
Done!
We’ve seen multiple exploits, when the users visits a malicious web site, and next the whole organization is compromised, the data is leaked, business loses A LOT of money.
So, what are we going to do? Use Linux? Yeah, like there are no exploits for all Linux browsers, including the console based Lynx… yes, text only browsing is dangerous too!
Let’s imagine most our users are admins on their own machines. Or even Power users. Dangerous situation. What would I do? Run IE as… Guest! This is isolating internet explorer for safe browsing.
Here’s the How-To:
Start - > Run - > type lusrmgr.msc, press Enter, right-click on Users, create a new user, choose a nice password for it, Clear the check-box “User must change password at next log on” - this account will be used only for running your internet facing applications like Internet Explorer, Firefox, Outlook, etc.
Next, right-click on the user you created, choose Properties, click on the Member of tab, remove Users group, click Add, type Guests in the box, click Ok.
To create a shortcut on the Desktop for the new Internet Explorer instance, right-click on the Desktop, choose New -> Shortcut, in the field for the program paste this (where newuser is the username of the user you created previously):
runas /user:newuser “c:\Program Files\Internet Explorer\iexplore.exe”
Press Next, when it asks for a name for the new shortcut, type Inernet Explorer, press Next, done.
For Firefox: runas /user:newuser “c:\Program Files\Mozilla Firefox\firefox.exe”
The icon is not pretty, I know. Right-click on it, choose Properties, Change Icon, and choose a nice icon, maybe even the Internet Explorer one at the end of the list.
Update: This does not work with IE7 in Vista, so to run IE7 as Guest, you will need to login with your new user. That is actually much better, as it will protect you from other threats from internet facing programs you run.
Well this one will be a short one.
Wanted to bring to your attention a program I’m using for a long time on my personal computers and in my work - “Security and Privacy Complete”. I know, I know, name sounds like crappy shareware useless app, but it’s not.
It is an opensource project hosted at SourceForge.net, http://sourceforge.net/projects/cmia/
Now, WARNING. If you are not sure about an option, do NOT check or uncheck it. I could show you the settings I use, but it is possible that in your situation you will need something else. Hover your mouse over the setting, read the balloon tip that shows up, if you understand it - decide on the setting. Google it if you don’t understand it.
First run: There is a button, Create a Backup. USE IT. You can restore from backup later, using the “Restore from backup” button. Do not change any settings before you have created a backup!
Direct download link: here
Settings explained:
http://cmia.backtrace.org/en_system.html
http://cmia.backtrace.org/en_sicherheit.html
http://cmia.backtrace.org/en_dienste.html
http://cmia.backtrace.org/en_media.html
http://cmia.backtrace.org/en_iex.html
http://cmia.backtrace.org/en_firefox.html
Laser microphone:
RFID security exposed… read on.
Check it out http://www.rfdump.org/, there you can find the softare and hardware (in the limits of 500$ for the hardware - reader and writer, software is free) you could use to experiment and audit RFID security. If you’re a python fan, check out http://rfidiot.org/
This thing works with most RFID tags widely used in ID cards, physical security systems, e-passports, etc. The buzz is everywhere, if you don’t know RFID is as insecure as walking with a bag of money in a bad neighbourhood, then… you don’t need to read further, just live your happy uninformed life 
For the rest of us, http://cq.cx/proxmark3.pl might prove useful too - schematics on building your own RFID equipment, and the necessary software. 
One more project for Extended range RFID skimmer
Securing Windows XP is easy. You just need to follow a few hundred easy steps 
Seriously, I’ll try shortening this up. First, you need a *good* firewall. I don’t know about you, but I just don’t trust the built-in one. Don’t know anyone who knows what it is and trusts it, though…
The best firewall I’ve come to use is Comodo Firewall - it has a period of learning, let it know which apps are safe, you will be the mentor for a while - but it’s worth it. It’s rock solid. More…