I always recommend that people install an alternative browser to Internet Explorer. Personally I prefer Firefox to the other alternatives (Chrome, Opera, Safari) as I find the huge number of addons on offer give it an unassailable advantage. I’ve recently experimented with the NoScript addon, which enhances security by blocking active objects and scripts unless explicitly approved. However I found that I was forever having to grant permission to every site I visited for it to work correctly.
I’m sure some people will try to preach that this isn’t ‘properly’ secure, but for most users if they have to choose between removing NoScript, or having it in its default configuration, the majority will choose to go without it. Using it in this configuration will block XSS exploits and offer significantly improved security without much compromise to ease of browsing.