NSS Labs tests put Microsoft Internet Explorer 8 out in front of Firefox, Safari, Opera and Chrome when it comes to blocking rogue sites. According to the findings, IE 8 blocks 83 percent of phishing sites, compared with 26 percent stopped by Google Chrome.
In a browser
death match, Microsoft
Internet Explorer 8 has come out on
According to research from
independent security company NSS Labs,
IE 8 detected almost three
times as many socially engineered malware links as Mozilla Firefox and Apple
IE 8 blocked 81 percent of socially engineered malware URLs, defined as
links pretending to be legitimate in order to lure users into downloading
malware. The other browsers did not fare nearly as well-Firefox 3 caught 27
Safari 4 caught 21 percent and Google Chrome 2 caught 7 percent.
The Opera 10 beta only blocked 1 percent of the links.
IE 8 and Firefox were essentially neck-and-neck in catching phishing sites,
blocking 83 and 80 percent respectively. Opera 10 blocked 54 percent, Chrome blocked
26 percent and Safari 2 percent.
"Technically, the SmartScreen reputation system that feeds IE 8 had
good coverage of malicious sites and was able to get warnings to the users
quickly," said Rick Moy, president of NSS
Labs. "It's a big problem, and they appear to be putting significant
resources into it."
When NSS Labs tested the browsers earlier
in 2009, IE 8 caught 69 percent of socially engineered malware. Detection for
Firefox and Safari dropped slightly by about 3 percent, while Chrome went from
catching 16 percent of socially engineered malware sites to about 8 percent in
the recent test.
read more about Google Chrome 2 security, click here.
"Chrome 2 performed very consistently, albeit very poorly. Chrome 2
lost the most ground compared to Internet Explorer 8 over the two tests,
declining 8 percent and blocking 74 percent fewer malicious sites than the
leader," the NSS Labs report said. "Users
should not expect any protection against socially engineered malware from Opera
Each of the major browser vendors has taken its own steps
to bolster security
in the latest editions of their products, from IE 8's
cross-site scripting filter to new malware protections in Firefox. In Chrome
2.0, Google included protections against cross-site request forgery and
clickjacking. Still, with the threat landscape continuing to grow, enterprises
would do well to consider browsers with the most protection, Moy said.
"Enterprises need to base their security strategies as well as product
purchase, configuration and management decisions off of empirical, up-to-date
data," Moy said. "So, if two browsers both meet a company's business
needs, then the one that offers a free additional layer of protection should be