Security Advisor

IE 10 Blocks More Malware than Competing Browsers 

In lab tests, Microsoft's latest browser blocks 99 percent of malware attacks. But can lab-tested attacks accurately represent real-world attacks?

According to a report released last month by research firm NSS Labs, Internet Explorer 10 has a higher block rate of malware attacks than any other browser on Windows.   

The firm's figures found that after throwing 754 samples of malware at the top-five browsers, Microsoft's latest version of IE was successful in blocking 99.96 percent of attacks, which put it ahead of second-place Chrome 25/26, which blocked 83.16 percent. After that, there's a dramatic drop in success rate. Safari 5 only blocked 10.15 percent of malware, Firefox 19 clocked in at 9.92 percent and Opera 12 had a poor showing of only protecting against 1.87 percent.

And Microsoft is not shying away from sharing NSS Labs' findings. "Put differently, only four pieces of malware out of a thousand bypassed Internet Explorer's protections," said Fred Pullen, senior marketing manager for the Internet Explorer group in a blog post. "For Chrome, about two out of ten attacks would have relied on other protection like antivirus software. For Firefox and Safari, nine out of a ten attacks would need to be stopped elsewhere. This is a great example of why the security principle of 'defense in depth' is important."

NSS Labs' report said that the main reason why Internet Explorer 10 and Chrome are leaps and bounds ahead of other browsers when it comes to malware protection is due to strong "file reputation systems combined with URL reputation and site blocking technologies."

Internet Explorer 10 doesn't only lead the pack in blocking malware; it also racks up a far smaller amount of software vulnerabilities than its competition.  According to Symantec's 2013 Internet Security Threat Report, Internet Explorer also racks up far fewer browser vulnerabilities than its competitors, and is only slightly bested by Opera. Internet Explorer (all versions) only accounted for 7 percent of all browser vulnerabilities, while Apple's Safari came in dead last with more than 35 percent of all known browser holes last year.

While Microsoft's testing scores do look impressive, NSS Labs does warn that lab-controlled attack results don't always translate to the real world, where results may not be as high due to attackers being able to work around reputation blocking technologies and end users ignoring warnings that pop up alerting of potentially dangerous Web sites.

"Without empirical testing of user behavior outside the lab, it is not known how often application reputation warnings are ignored," read the NSS Labs report. "It cannot be assumed that the usage rates would be identical for Chrome and Internet Explorer users, since the exact wording of the warning message, as well as the difficulty in overriding the block, will affect absolute rates."

What's your take? How does Internet Explorer 10 stack up to real world use? Is it leaps and bounds ahead of most of its competitors as the lab tests indicate? Share your thoughts in the comments below.

About the Author

Chris Paoli is the site producer for and


  • Spaceflight Training in the Middle of a Pandemic

    Surprisingly, the worldwide COVID-19 lockdown has hardly slowed down the space training process for Brien. In fact, it has accelerated it.

  • Surface and ARM: Why Microsoft Shouldn't Follow Apple's Lead and Dump Intel

    Microsoft's current Surface flagship, the Surface Pro X, already runs on ARM. But as the ill-fated Surface RT showed, going all-in on ARM never did Microsoft many favors.

  • IT Security Isn't Supposed To Be Easy

    Joey explains why it's worth it to endure a little inconvenience for the long-term benefits of a password manager and multifactor authentication.

  • Microsoft Makes It Easier To Self-Provision PCs via Windows Autopilot When VPNs Are Used

    Microsoft announced this week that the Windows Autopilot service used with Microsoft Intune now supports enrolling devices, even in cases where virtual private networks (VPNs) might get in the way.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.