Report: Internet Explorer 9 leads in socially-engineered malware protection

by

Share this news now.

According to a newly released report from NSS Labs, Microsoft’s Internet Explorer 9 outperforms competing browsers in protecting against socially engineered malware.

More details:

NSS Labs has conducted significant research over time into the protection capabilities of Chrome, Firefox, Internet Explorer, and Safari. Throughout 2009 and 2010, protection provided by both Firefox and Safari exceeded that of Chrome1. Since the adoption of Safe Browsing API v2 and the elimination of proprietary solutions, both haved emonstrated a reduction in effectiveness at blocking traditional malware downloads.The latest round of testing occurred from November 21, 2011 to January 5, 2012, during which NSS researchers observed what appears to be a significant change when compared with historical results. Chrome’s protection rate steadily climbed to just over 50% before suddenly falling back to 20%. Over the same time period (Nov 21, 2011 –December 21, 2011), Firefox and Safari’s block rate remained at 2%, and then inexplicably jumped to 7% on the same day Chrome’s protection fell precipitously (December 22nd)

According to NSS Labs, the mean rate for socially engineered malware for Internet Explorer 9 is  96.5%, followed by Google’s Chrome with 34.1%, and Firefox 7 with 3.6%, next to Safari 5 with 3.5%.

Does this mean that Microsoft’s Internet Explorer 9 is indeed the most secure browser around? Not so fast. NSS Labs has positioned Internet Explorer as the leader in protecting against socially engineered malware several times before. See also:

However, users should also take into consideration the dynamics of today’s threat landscape. Despite that numerous Microsoft reports indicate that the most popular malware propagation tactic is that which requires user interaction — also known as socially engineered malware — these reports omit an important growth factor in the modern cybercrime ecosystem – the exploitation of client-side vulnerabilities, like the ones researchers from Webroot have stumbled upon recently.
 
The exploitation of client-side vulnerabilities takes place through the abuse of unpatched third-party applications, and browser plugins, something that Internet Explorer 9 doesn’t automatically protect from.
 
According to a study released in December, 2011 by Accuvant, the most secure browser with numerous built-in security features is Google’s Chrome.
 
 
End users are advised to be extra vigilant when interacting with content found on social networks, and to ensure that their PCs are free from client-side vulnerabilities found in third-party software, as well as their browser plugins.
 
Which browser are you currently using? Do you trust comparative security reviews like the ones reviewed in this post, or do you you base your browser choice on other factors?
 
Leave your comments and let us know.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on  Twitter.


Share this news now.
Report: Internet Explorer 9 leads in socially-engineered malware protection by

Trackbacks