We recently conducted a small experiment, which we hope to soon expand and write up as a full report. The experiment looked at what happens when a user with Windows XP and Internet Explorer visits badware websites, both before and after that user installs the latest security updates from Microsoft.

We tested the same sample of 15 different web pages under both scenarios. These were pages on which we had confirmed bad code within the past 24 hours. Of the 15, 10 successfully infected the non-updated PC within seconds of opening the page with no additional action taken by the user.

How many of the pages successfully infected the machine with the latest updates? None.

There's still plenty more research to do, but the results so far give a pretty good indication that keeping your machine up to date helps a lot in protecting it from drive-by downloads. If you've been procrastinating on clicking that little yellow icon that says "updates are available," or if you disabled Automatic Updates because you find it irritating, it may be time to reconsider.