This paper came out recently and examines the state of Web browser security and the correlation between a browser’s vulnerability and its advanced functionality.

http://www.microsoft.com/downloads/details.aspx?FamilyId=E550F940-37A0-4541-B5E2-704AB386C3ED&displaylang=en 

A few interesting sections with their page numbers:

Security Versus Functionality 5
Default Settings & Patches 6

Browser Attacks: How They Work 8
Embedding Malicious Code in Web Pages and Sites 8
URL Spoofing 8

Internet Explorer Service Pack 2 Security Enhancements 16

Local Machine Zone Lockdown 16
Zone Elevation Blocks 16

Consistent MIME Handling and MIME Sniffing 17
Preventing URL spoofing 17

Secure Download Management 18

Pop-up Window Controls 19

Add-on Management 20

The Future of Browser Security Including Internet Explorer 7 Enhancements 22