Report: IE 9 Best Defense Against Social Malware

Microsoft's Internet Explorer 9 browser once again topped the list of browsers providing the greatest protection against socially engineered threats, according to NSS Labs.

This latest August 2011 third-quarter report from the Carlsbad, Calif.-based "independent security and performance lab" collected worldwide test data on socially engineered malware in the second quarter of this year. The performance of leading browsers against threats in which users get tricked into downloading malware was compared. Those browsers included IE 9 (with and without a new "application reputation" feature), Google Chrome 12, Apple Safari 5, Mozilla Firefox 4 and Opera 11.

As with previous NSS Labs reports, there was no contest, with IE 9 providing 99.2 percent protection against socially engineered threats. That result included Microsoft's new application reputation feature. Without that feature, IE 9 still maintained the lead, with 96 percent protection, according to the study.

In contrast, other browsers trailed greatly. Chrome 12 blocked 13.2 percent of socially engineered attacks. Firefox 4 and Safari 5 blocked 7.6 percent of those attacks each. Opera came in last by blocking just 6.1 percent of the attacks.

Compared with NSS Lab's Q3 2010 report, IE 9 showed a 0.2 percent protection improvement in this Q3 2011 report. Chrome 12 showed the best improvement, at 10.2 percent year over year. Safari and Firefox each slipped, year over year, showing 3.4 percent and 11.4 percent declines in protection, respectively. Opera's protection improved by 6.1 percent when compared year over year in NSS Labs' reports.

Microsoft's IE 9 uses a SmartScreen URL reputation service that accesses a cloud-based database to warn users about threats. Chrome, Firefox and Safari use Google's "safe browsing" reputation data feed in a similar way to block malware threats. Nonetheless, the report found that Google Chrome scored somewhat better than Firefox and Safari in protecting against malicious links.

Microsoft has acknowledged in the past that it has provided funding for NSS Labs studies on this topic, even though the reports themselves did not acknowledge that funding. This August 2011 Q3 report appears to be different, with NSS Labs indicating no sponsorship funding.

"This report was produced as part of NSS Labs' independent testing information services," the report states (p. 11). "Leading vendors were invited to participate fully at no cost, and NSS Labs received no vendor funding to produce this report."

NSS Labs' report, "Web Browser Security: Socially-Engineered Malware Protection -- Comparative Test Results Global, August 2011" can be downloaded for free here. The testing organization also produced two regional reports for Europe and the Asia-Pacific.

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.


  • Get More Out of Your Outlook Inbox with TakeNote

    Brien comes across a handy, but imperfect, feature in Outlook that lets you annotate specific e-mails. Its provenance is something of a mystery, though.

  • Microsoft Resumes Rerelease of Windows 10 Version 1809

    Microsoft on Wednesday once more resumed its general rollout of the Windows 10 version 1809 upgrade, also known as the "October 2018 Update."

  • Microsoft Ups Its Windows 10 App Compatibility Assurances

    Microsoft gave assurances this week that organizations adopting Windows 10 likely won't face application compatibility issues.

  • SharePoint Online Users To Get 'Modern' UI Push in April

    Microsoft plans to alter some of the tenant-level blocking capabilities that may have been set up by organizations and deliver its so-called "modern" user interface (UI) to Lists and Libraries for SharePoint Online users, starting in April.

comments powered by Disqus
Most   Popular

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.