Google hit by malvertizing

Sad to read this; its been a little while since we’ve read about such a big outbreak:
http://arstechnica.com/security/2014/09/google-stops-malicious-advertising-campaign-that-could-have-reached-millions/

So, what can you do to protect yourself between the time something like this hits, the ad networks or others identify it, and it gets shut down?

1. Update **all** software on your computer and your operating system, and keep it up to date
2. If you have Java, get rid of it unless you really need it
3. Any software installed that you never, ever use? Uninstall it.
4. Consider setting Firefox with No-Script running with heightened security as your default web browser to protect you from accidental clicks.
5. (I suggest this one very hesitantly because I still strongly believe that every legitimate web site’s owner is entitled to earn an income); consider a reputable ad-blocker.
6. Consider installing Malwarebytes Anti Exploit (not a cast iron guarantee of protection, but a good extra protection)
7. Oh, and run as a Standard User, not Admin, ALL. THE. TIME. Yes, it’s a pain sometimes, and some stuff just won’t work (hello java update process) but it may save you some grief. Have a special account called “myname_admin” or something, you’ll get a popup and can enter your special admin password as needed.  Seriously, having to enter a password more often is far less painful than losing everything to malware.

Are you a publisher or in ad-ops? Read this! http://www.anti-malvertising.com/