I think attacking IE's security is redundant. IE is fine. Firefox is fine.

If we want to talk about security let's talk about Adobe Reader, Java, Real Player, Flash, and all those other "common" third party apps that keep getting people infected.