GOOD LORD: Nearly half of all websites pose security risks.

According to a new study of the top one million domains, 46 percent are running vulnerable software, are known phishing sites, or have had a security breach in the past twelve months.

The big problem is that even when a website is managed by a careful company, it will often load content from other sites, said Kowsik Guruswamy, CTO at Menlo Park, Calif.-based Menlo Security, which sponsored the report, which was released this morning.

For example, news sites — 50 percent of which were risky — typically run ads from third-party advertising networks.

I’ve stopped relying on ad-blocker plugins and use a Java Script blocker instead, which allows you much more discrete control over what, exactly, is allowed to run in your browser.