A new Microsoft-commissioned test by NSS Labs found IE8 and IE9 have boosted their malware protections ahead of browsers from Google, Apple and others.
NSS Labs report
puts Internet Explorer way ahead of rival browsers
from Google, Apple, Mozilla and Opera in the fight against malware.
The report, which was commissioned by Microsoft, is
the fourth analysis
by NSS Labs aimed at
testing the ability of Web browsers to block "socially engineered
malware" attacks. The findings are based on 11 days of testing in
September that pitted Internet Explorer (IE) 8 and 9, Safari 5.0.1,
Firefox 3.6.10, and Chrome 6.0.472.63 against malicious sites.
According to NSS, IE8 and IE9 caught 89
and 92 percent of the malicious sites in the tests within the first day,
respectively. This compared to 19 percent by Firefox 3.6, 12 percent by Safari
5 and 4 percent by Chrome 6. Opera fared the worst, detecting zero percent of
the live threats, according to the test.
NSS Labs defines a socially engineered
malware URL as a link that "directly leads to a download that
delivers a malicious payload whose content type would lead to execution, or
more generally a Website known to host malware links."
According to Rick Moy, president of NSS
Labs, the key to Microsoft's success is its use of reputation in the
SmartScreen URL filters in IE8 and IE9, as well as the application reputation
technology in IE9.
"Reputation technology is definitely important, and it can help close
[with] cyber-criminals," Moy said.
When it came to the amount of time it takes to add a malicious site to the
list of blocked sites, IE also led the way with a roughly 4-hour layover for
both versions. Firefox was next with slightly more than 6 hours, while Chrome
and Safari took approximately 18 and 37 hours, respectively.
Jeb Haber, principal program manager lead for Microsoft's Internet Explorer
security team, said that since IE8 shipped, Microsoft has delivered 1.2 billion
malware warnings. In IE9, which is still in beta, the company looked at
application reputation as a way to add more protection against malicious
The end result was integration between IE9's Download Manager and
SmartScreen filter. The technology checks both reputation data and
whether an executable comes from a trusted source to flag malicious
"Malware is evolving very, very quickly, and we wanted to approach it
from ... a different sort of perspective," Haber said. "So [application
reputation] is about two primary goals-one removing warnings that are
unnecessary ... and then obviously to reduce infections [and] to provide a
Google Chrome is now on Version 8. A Google spokesperson called the
test limited in its sole focus on socially engineered malware attacks
as opposed to other issues like vulnerabilities in plug-ins or the
"Additionally, the testing methodology isn't available in a way that
can be independently verified," the spokesperson contended. "Google
Chrome was built with security in mind from the beginning and emphasizes
protection of users from drive-by downloads and plug-in vulnerabilities-for
example, we recently introduced a new security
sandbox for Flash
The report can
be viewed here