A drive-by download is a download that happens automatically when you visit a webpage. The download starts without you initiating it and may take place in the background without any notification.
Drive-by downloads can occur on both legitimate and malicious websites. For example, if a hacker gains access to a trusted website, he can install code on webpages that will initiate automatic downloads on visitors' computers. Malicious websites, such as those used in phishing and pharming activities, may intentionally download malware on users computers.
While drive-by downloads happen automatically, it is rare that the an executable file will run without your permission. This is because most browsers notify you when a file has been downloaded and will not open downloaded files automatically. Therefore, you can prevent damage from drive-by downloads by simply not opening unknown files downloaded by your web browser.