Internet Explorer users were at risk for 284 days in 2006 because of delays in patching known flaws, according to a security blog. 

The report by the Washington Post, which was based on data provided by Microsoft and interviews with security researchers, found that the IE browser was unprotected for 78 per cent of the year. 

This included at least 98 days in which no software fixes were available to plug browser flaws that were actively being used to steal personal and financial data.

In comparison, Mozilla's Firefox browser had just one nine-day period last year during which a serious security hole went unpatched. 

A total of 10 'critical' flaws during 2006 had information about how to exploit them posted online before Microsoft had produced a patch.

Washington Post journalist Brian Krebbs said that he had shared the data from his research with Microsoft before publication and that, other than a few quibbles, Redmond had not raised any objections.

Roughly 85 per cent of surfers use the Internet Explorer web browser.