I installed IE8 on a Windows XP SP3 computer (new and clean install, fully patched system, running Windows Defender, NOD32 antivirus and windows malicious software removal tool). I used it for about 2 days (with a limited account) and then I ran a SpywareDoctor*
It found a spyware called Spyware.BaiDu!
No warez, porn, file-sharing site was visited and I haven't installed any toolbars or adds-ons.
Any ideas how to avoid such infections?
It'd be interesting to see a test in which somebody visits specifically dangerous sites with IE8 and see how many malware is picked up.
( I won't do it for you...
I copy here the log file of SpywareDoctor.
Notice that it seems that the spyware modified registry. Again: it was used under a limited account. :-/
( *SpywareDoctor is a software which is included in Google Pack - a collection of essential softwares distributed by Google. )