There is an old saying: "To survive a bear attack you don't have to outrun the bear, you just have to outrun your friend." To some degree, the analogy applies to the Internet as well. In some instances, you don't have to completely secure yourself from hackers; you just have to be more secure than the next organization. Hackers go after low-hanging fruit because it gives the most bang for their buck. This year it appears that client-side attacks represent that low-hanging fruit. The modern web browser is an incredibly complicated piece of software with a large attack surface. Throw on some third-party software like ActiveX controls (most of which are chock full of buffer overflows) and you have a hacker's playground.
Using group policy to manage the list of trusted sites: http://support.microsoft.com/kb/816703