Now even major sites can participate in spread infections just by displaying advertising. The dark side submits an ad that downloads malware by just viewing the ad on a site.
This has become so common that Brian Krebs, of Security Fix fame, wrote an article about it called Cyber Crooks Hijack Activities of Large Web-Hosting Firm. Where it discusses a web hosting provider that has literally hundreds of infected host sites, and the site owners don't even know that their sites are infected.
Even Google discusses it in their new security blog with their initial post Introducing Google's online security efforts.
Alas we are not completely helpless. I have mentioned Noscript before and I will continue to recommend it to enhance your control over what runs on your computer.
I will also mention an anti-malware tool from eEye that I recently discovered called Blink that is currently free for personal use in North America.
eEye Digital Security is offering Blink Personal Internet security with Antivirus for free as a 1-year subscription in North America.If you are outside of North America, as of the time I write this, the price is $24.95 for one computer and $29.95 for three (3) computers. I have found this to be quite effective without causing performance issues.