So what's the big deal?
Even legitimate sites, he notes, sometimes end up running malicious code when scammers figure out ways to sneak tainted, bogus ads into the major online ad networks.
"The NoScript extension makes it easy to place or remove these restrictions on a site-by-site basis, but a novice user may need some practice to get the hang of doing this smoothly", he adds.
Krebs also points out that Google Chrome also includes similar script- and Flash blocking functionality that seems designed to minimise some of these challenges by providing fewer options.
And here's a spot of good news that you probably aren't' aware of, as he also notes that Internet Explorer 9 includes new security features, such as enhanced memory protection and Microsoft's SmartScreen Application Reputation engine, which is designed to alert users when they try to download files from locations on the Web with an unknown or dodgy history.