" When Web browsers first emerged as front-end interfaces to Web-based applications, it was in an era where application-layer attacks were few and far between. Today, the browser has become one of the most critical and most used pieces of software on everyone's computer. Consequently, it has become the focus of attack.
Despite the best efforts of the computer security industry, the number of flaws continues to grow; new ones have already been found in Microsoft Internet Explorer 7, and Firefox is coming under increasing scrutiny by industry experts and attackers. Browser vendors are faced with the impossible task of writing flawless code while hackers only have to spot one error in order to find an attack vector. The emergence of the "exploits-as-a-service" business, where malware is sold to organized crime, has helped to increase the cries for better Web browsers and Web browser security. "
"Web browser security is an ongoing issue because a browser cannot distinguish between malicious and non-malicious content. The critical question is, at what point should the browser defer to the user's decision to allow particular content, versus blocking it regardless?"