“Socially engineering attacks like malware are a growing threat on the internet and are one of the most common risks to people’s safety online” wrote Microsoft’s James Pratt.

“We have got better and better at blocking malware through the SmartScreen Filter because we have continued to invest in our back end service since we released IE8 in March 2009″ said Pratt.

In the last two months, more than 100 million malware attempts have been blocked by Internet Explorer 8, 5 times as many as the same time last year, with more than 1.7 times the users.

The continued investment and development of malware protection is great for consumers, and helps keep their home PC’s safe.

Malware, also known as phishing (pronounced fishing), protection can also be found in other popular browsers such as Firefox, Chrome, and Opera.

A new security vulnerability has been found in Apple Safari’s Autofill feature, which can allow malicious websites to extract users personal information from their Address Book.

“All a malicious website would have to do to surreptitiously extract Address Book card data from Safari is dynamically create form text fields with the aforementioned names, probably invisibly, and then simulate A-Z keystroke events using JavaScript. When data is populated, that is AutoFill’ed, it can be accessed and sent to the attacker” wrote security researcher, Jeremiah Grossman.

Grossman submitted the vulnerability to Apple on 17th June, but Apple is yet to comment on the issue. Grossman has also released proof-of-concept code illustrating how the vulnerability works.

The vulnerability affects both Safari 4 and Safari 5 on Mac computers, with no patch in sight from Apple.

Available for many versions of Windows, starting at Windows 2000, and covering all versions of Internet Explorer from IE5.01, the update is highly recommended for all Windows users.

The update fixes six security vulnerabilities, with the most serious allowing remote code execution if a user visits an infected website.

Windows users with Automatic Updates turned on will receive the update in the coming days.

Nine of these are rated as a high threat level, while the remaining two are only rated as medium. More details on these threats can be read in the Google Chrome Releases blog.

The update is available for all Windows, Mac, and Linux users, and it will be pushed out automatically to these users as usual. New users can download Chrome from the Google Chrome website.

The exploit could allow a malicious user to execute arbitrary code on a remote system and is rated highly critical by Secunia.

“The vulnerability is caused due to an error in the handling of parent windows and can result in a function call using an invalid pointer. This can be exploited to execute arbitrary code when a user e.g. visits a specially crafted web page and closes opened pop-up windows” says the Secunia security advisory.

The vulnerability affects both Mac OS X and Windows versions of the browser. Apple is yet to release an update to close the flaw.

The update addresses a security issue discovered in Windows versions.

“The vulnerability is caused due to an error when continuously modifying document content on a web page e.g. using document.write(). This may result in a function call using uninitialised memory when a user visits a specially crafted web page” detailed Secunia Advisory SA39590.

The update also fixes a potential freeze bug when using Google Maps for both Windows and Mac versions.

Opera 10.53 will be pushed out to Windows and Mac users over the next day, while new users can downloaded the browser from the Opera website.

The update includes two bug fixes, one of which solves a bug that causes slow JavaScript performance.

Three security holes have also been closed, all of which were rated as high.

A more detailed description of each of these issues can be found in the change log.

Windows users will automatically receive the update, while new users can download Chrome from the Google Chrome website.

The latest release closes seven security holes, 4 of which were rated as high,  with the other 3 rated as medium.

A full list of security holes that were fixed can be seen in the release notes.

The browser will automatically update itself for Windows Chrome users, or can be downloaded from the Chrome website.

It’s the only change for Firefox 3.6.3, which closes a hole that could potentially allow remote code execution after a user visits a site with the infected code.

Full details for Firefox 3.6.3 can read in the release notes, including more detailed information about the fixed security issue.

Firefox 3.6.x users will receive a notification from the browser when it is ready to be updated, or  it can be downloaded directly from the Firefox website.

The update fixes a crash bug, and adds a new option to disable the new translate feature. This release also closes a security hole which was rated as low and would crash the browser upon receiving a bad FTP response.

Information on these two crash bugs can be read in issues 38857 and 38845.

The update will be pushed out to Windows Chrome users automatically, or alternatively, you can download the browser from the Google Chrome website.