Two of the biggest mistakes Microsoft ever made were tying Internet Explorer into the Windows OS and ActiveX. Exploits took advantage of both and some of the nastiest malware ever written entered millions of PCs through these vectors. I’ll be the first to acknowledge that IE7 has enhanced security and MS has taken some of the hooks out of the OS, but the old adage, “Once burned, twice shy” is my operating basis. Yes, you can configure IE to be relatively secure, but it’s more work than the average user is willing to do. Why not just use a browser that’s relatively secure to begin with?
Some things still (unfortunately) require IE, so you’ll have to use it sometimes; but, for everyday use, I don’t recommend it. Firefox 3 and Opera 9.5 are both inherently more secure than IE. Take your pick. Either way, you’ll be more secure on the Web.