Looking at the paper it seems the only required step for Google to fix this issue is to enable download protection by default. With download protection Chrome and IE10 are essentially the same.<p>For me I will continue to only enable javascript on trusted domains.
Scary, considering that chrome use is going up and IE use is dropping.<p>Odd that there doesn't seem to be any good tech website offering a succinct overview of the report.
this is about how hard it is for users to download and run potentially malicious exe files with the browsers, ie has a whitelist of common non malware exes.