Modifying the executable code of the Web browser or the browser's plug-ins. The Web browser is the most vulnerable application when it comes to security, because Web pages contain programming code (see
JavaScript). Any Web page that is merely viewed may damage the user's computer if the page contains malicious code, and the browser and operating system retain the vulnerabilities being exploited. This is why Web browsers and operating systems employ automatic updating to apply patches on a regular basis. See
live update and
browser extension.