Study: IE Scores Highest Against Social Malware

Microsoft's Internet Explorer 8 and 9 Web browsers demonstrated better protection against socially engineered exploits than other browsers, as described in a September NSS Labs report.

NSS Labs, which describes itself as an "independent, information security research and testing organization," put six browsers through a series of tests associated with social engineering threats. Two of the browsers tested came from Microsoft: the IE 9 beta and IE 8. Other browsers tested were Mozilla Firefox 3.6, Apple Safari 5, Google Chrome 6 and Opera 10.

Socially engineered threats are defined in the study as "a Web page link that directly leads to a download that delivers a malicious payload…or a Website known to host malware links," according to the third-quarter report, which can be accessed here. The report didn't test the intrinsic security of the browsers or browser plug-ins. It also did not test exploits-with-malware combinations, such as "clickjacking."

IE 9 and IE 8 blocked socially engineered malware at a mean rate of 98.7 percent and 90.2 percent, respectively. The other browsers faired much worse, according to the study. Firefox 3.6 had a mean block rate of 19.5 percent. Safari 5 had a mean block rate of 10.9 percent. Chrome 6 clocked in at a 3.4 percent mean block rate, while Opera 10 offered no protection from socially engineered threats at all.

The blocking mechanisms that thwart socially engineered threats work based on protections built into the browsers and also from Web services that categorize certain URLs into white lists (safe) and black lists (not safe). Users get a warning screen in their browser if the service detects that the URL to be visited leads to an unsafe site.

Chrome, Firefox and Safari all use the Google Safe Browser feed for this white list/black list protection. However, even though those browsers use the same service, they did not offer the same level of protection. No explanation for the varied performance was provided by the browser makers, according to the report. Moreover, the protection offered by those browsers actually decreased compared with results in NSS Labs' first-quarter 2010 report.

The use of version two of the Google Safe Browsing API may be the reason for the decreased protection rates seen for Chrome, Firefox and Safari between the first-quarter report and current third-quarter report, according to NSS Labs. Opera Software planned to use AVG's Online Shield reputation system, but NSS Labs' report speculated that the integration hasn't been completed yet. For example, Opera 10 did not block what AVG's system blocked, the authors explained.

In contrast, IE 8 showed an improvement of five percentage-points in its resistance to socially engineered malware compared with its test result in NSS Labs' first-quarter 2010 report. IE 8 uses Microsoft's SmartScreen Filter system to warn against socially engineered malware. IE 9 uses that technology plus "a new application reputation system." This new technology boosted IE 9's protection by four percentage points over IE 8, the report explained.

The report, "Web Browser Socially Engineered Malware Protection: Comparative Test Results" for September 2010, is the fourth study in a series that appears to be published every first and third quarter of the year. Microsoft's browsers showed similar high test results in thwarting socially engineered malware in previous NSS Labs reports.

Austin, Texas-based NSS Labs is funded by Microsoft but the study does not disclose that information with great clarity. Instead, this statement appears on page 12 of the study: "This private test was contracted by Microsoft's SmartScreen product team as an internal benchmark, leveraging our Live Testing framework."

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.


  • OneDrive Users To Get Storage Options, Plus New Personal Vault

    Microsoft announced a few OneDrive enhancements, including storage-option additions, plus a new "Personal Vault" feature for added security assurance.

  • Cloud Services Starting To Overtake On-Prem Database Management Systems

    Database management system (DBMS) growth is happening more on the cloud services side than on the traditional "on-premises" side, according to a report by Gartner Inc.

  • How To Replace an Aging Domain Controller

    If the hardware behind your domain controllers has become outdated, here's a step-by-step guide to performing a hardware refresh.

  • Azure Backup for SQL Server 2008 Available at Preview Stage

    Microsoft added the option of using the Azure Backup service to provide recovery support for SQL Server 2008 and SQL Server 2008 R2 when those workloads are hosted on Azure virtual machines.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.