Picking up spyware or a virus/worm/trojan used to require some conscious action on the part of the user:  opening an email attachment, installing supposedly ‘necessary’ system software (video codecs were a common ploy), or downloading media and/or applications of questionable origin.

These days, Bad Things can occur much more transparently: the most rapidly growing method of spreading malware today is via compromised websites – so now, rather than having to (one way or another) make the explicit decision to ‘invite the bytes’ onto your machine, merely visiting a malicious (or unknowingly compromised) site can launch an exploit.  And since this new type of ‘drive-by’ attack is often implemented through 3rd-party browser plug-ins (such as Flash and Acrobat Reader) or via good old fashioned Javascript, it’s not just a Windows or Internet Explorer issue anymore (for the first time, Apple recently issued a KnowledgeBase article advising users to start installing antivirus protection (although after the resulting flurry of unwanted publicity, the warning was removed from the Apple site 24 hours later).

Although the increase in web malware activity is dramatic, it’s been going on for some time now: a recent study found that during 2007 alone, the number of such attacks increased more than 500 percent.  And while this is bad enough news for the home user, it’s even more troublesome for the enterprise, as HTTP (port 80) is the often the only traffic left largely unrestricted on corporate firewalls.

One simple precaution?  Update, update, update.  To address Javascript engine vulnerabilities, update your browser religiously, regardless of which particular browser or operating system you’re using.   As for Acrobat Reader, resist the temptation to ignore those frequent messages about available updates: you might wonder just how much better a PDF can possibly be displayed, but these days, chances are good that the update has something to do with security – and the same goes for Flash.

You can check for any available updates for Acrobat Reader from the Help menu of the application itself, and to check your version of Flash, go here - the Adobe site will inspect your installation and let you know.