Microsoft has made great strides in educating Windows users about the need to keep their systems secure by downloading and installing the most recent updates. (I still recommend that you set Windows' Automatic Updates to download but don't install, as I described in a blog post from last July.)
The irony of the heightened awareness of Windows updates is that malware is less likely to target vulnerabilities in Windows--or other PC operating systems, for that matter. These days, most viruses and Trojans use holes in your browsers, media players, or Web applications to breach your system's security. That's why it's imperative to keep these programs up-to-date, which is a subject I covered in a post from last April.
Google pushes updates to its Chrome browser automatically--without bothering to let you know about it (the current version is 188.8.131.52). You may think I'm a hypocrite for preventing Microsoft from loading its updates automatically and applauding Google for doing the same thing with its browser. Here's the difference: if a Chrome update causes the program to malfunction, I can simply use another browser, but if a Windows update screws up, my entire system's hosed until I fix it.
If you want to use Chrome to browse without leaving any tracks on your system, press Ctrl-Shift-N to open a new browser window in Chrome's incognito mode. The sites you visit subsequently will not appear in your browser history nor will terms you search for stay in your search history. You won't pick up any new cookies, either.
You'll find plenty of add-ons in the Privacy & Security section of the Firefox Add-ons page that give Firefox a similar stealth mode. You can also choose Tools > Clear Private Data to wipe your tracks in Firefox, but this setting erases all your history in the various categories. Chrome's incognito mode lets you retain the history you want and delete the history you don't want.
The best way to enhance your privacy while using Firefox is to set the browser to delete cookies each time you close the program. To do so, click Tools > Options > Privacy, select "Always clear my private data when I close Firefox," and click OK.
So what about Internet Explorer? IE 8 is said to be more secure than IE 7, which in turn was said to be more secure than IE 6. Two facts remain: Internet Explorer uses ActiveX, which in my opinion is inherently insecure; and IE 8's security options are way too complicated. What do those slider controls mean, really? (Press Alt, click Tools > Internet Options, and choose either the Security or Privacy tab to see what I mean.)
Bonus tip: Encrypt Gmail
I've been using Gmail as my primary e-mail service for several years, but it wasn't until a couple of months ago that I started encrypting my Gmail correspondences. (In fact, encryption wasn't available in Gmail until a couple of months ago.) To use encryption in Gmail, click Settings in the top-right corner of the main window, scroll to the bottom of the General tab, select "Always use https," and click Save Changes. Note that this setting prevents the iGoogle Gmail widget from working, but that's a small price to pay for the added security.
Web privacy resources
For more information on the privacy options in Google services, visit the Google Privacy Center. Along with an FAQ and overview, you'll find privacy videos and specific privacy options for YouTube, Orkut, Blogger, Docs, and other Google services.
The SANS Institute's Internet Storm Center offers a daily Internet threat level (green, the last time I checked) as well as information on the sources of recent Internet-based attacks and extensive links to other Internet security sources.
For a soup-to-nuts look at browser security, read the United States Computer Emergency Response Team's article Securing Your Web Browser. The information was last updated more than a year ago but remains relevant. Some of US-CERT's browser-setting recommendations are overkill for regular, everyday browsing, so take the advice with the proverbial grain of salt.