The News & Observer
Published: Oct 04, 2006 12:30 AM
Modified: Oct 04, 2006 07:45 AM

Firefox: More holes, faster fixes

Can the browser you use enhance your security? It's a reasonable question. After all, Internet Explorer is installed on Windows systems all over the planet, so it isn't surprising that 69 percent of all hacker attacks on browsers are aimed at it.

But the news in a recent Symantec security report, from which that number comes, is that attacks have stepped up against all the major browsers.

Firefox, the browser I love for its speed and the extensions that can significantly increase its range, led the report with 47 discovered security vulnerabilities. That compares to 38 in Internet Explorer, 12 in Safari and seven in Opera.

The good news is that when it comes to patching -- fixing the problems through security updates -- Firefox gets its patches out quicker than any other browser, usually in one day.

Software patches are an important issue, and they've been very much in the news lately with the latest round of attacks on Internet Explorer. One upshot of a vulnerability in a Windows file called "vgx.dll" is to allow hackers to exploit deceptive links in e-mail or on Web sites. When you click on the link, you're taken to a site that is designed to secretly load malicious software onto your PC.

A common ploy is to use phony messages purporting to be greeting cards. Try to view the card and you're in danger of compromising your machine.

Although Microsoft normally releases its patches on the second Tuesday of every month, the fix for this exploit may turn up sooner, as the company responds to what seem to be widening attacks. You can see that the smaller the window between the discovery of the security flaw and the arrival of the fix, the better.

Get stung by this one and your machine may fill up with spyware or worse.

The lesson is clear: As with anything else in our Net-connected world, security can't be taken for granted no matter which tool you use.

But not all news on the browser front is focused on crisis management. Following up recent concerns about search engine use, a tweaked version of Firefox called Torpark has made its debut. Able to run directly from a USB drive so that you can plug it in at a cybercafe, the free browser works by making the Web site it visits see a different IP address every few minutes.

Prepare to pay a small sacrifice in speed for anonymous browsing (torpark.nfshost.com).

* * *

I always admire the ingenuity of software writers who can come up with solutions to common security problems, but another part of me finds the whole situation depressing.

My mail is constantly filled with phishing schemes, the most common being messages claiming I have set up new addresses on PayPal or eBay and asking me to verify them. Hovering the mouse over the links in the messages shows they're not from either organization, but I'm sure huge numbers of people continue to be taken in by these schemes.

Phishing attacks are up 81 percent in the first half of 2006, compared with the last half of 2005. That's also from the Symantec report, and it reminds me how cleverly the pond scum behind these attacks have managed to slip past spam filters.

If you haven't seen any phishing scams yet, you will -- 157,000 unique phishing messages, purportedly from banks or other legitimate outfits, went out in the first half of this year. When it comes to e-mail, the watchword is: beware of organizations bearing links. Click at your own risk.

* * *

Sometimes the issue isn't so much security as it is embarrassment.

Ask those of us who have occasionally sent e-mail to the wrong recipient in our address book, or mixed a personal note inadvertently into a mailing list discussion.

Addressing the issue for business is the VaporStream system (www.vaporstream.com) from Boston-based Void Communications. About to be introduced at the Demo tech show in San Diego, VaporStream sets up secure communications routes between employees.

Think of it as a way to bypass normal e-mail and chat; instead, workers use a VaporStream page, talking back and forth in encrypted fashion via servers maintained by the VaporStream system.

The messages don't remain on the server, nor do they clog normal business traffic at the company that subscribes to the service. For that matter, not even sender and recipient have a full copy of the messages.

This $40-per-year service might be a handy way for business to filter more personal messages from the office archives.

Paul Gilster, an author and technologist who lives in Raleigh, can be reached at gilster@mindspring.com.

A subsidiary of The McClatchy Company