Just because microsoft keeps failing to deliver a safe out of the box product doesn't mean users should leave ie in favour for a different browser. Security is the end users responsibility in the end. You the user decide to use what ever means of protection, not ms. "Disabling java and flash is not a good idea....... Cause allot of sites use these to show the normal web pages.." True, since both are often used in web (navigational) interfaces. I personally use the sp2 popup blocker, with sp2 firewall and a (huge) custom hosts file, in combination with ie-spyad and this activex blocker. My system has been running with no problems what so ever for over a year. I use the same setup an systems of relatives, friends and co-workers. They were all apprehensive at first, but after a while even they noticed the benefits of securing windows yourselves....