IE8 whips rivals in blocking malware sites

Microsoft's browser lengthens lead over No. 2 Firefox, blocks 81 per cent of infected URLs

Microsoft's Internet Explorer 8 (IE8) again trounced rival browsers in a test of their malware-blocking abilities, catching 81 per cent of attack code-infected sites, according to a testing company.

IE8's skills at sniffing out malware sites improved by 17 per cent since March, said Rick Moy, president of NSS Labs, the firm that conducted the benchmarks. The testing was sponsored by Microsoft's security team.

IE8's improvement, and its dominance over competitors, could make some users reconsider their decision to abandon Microsoft's browser for one of its challengers. "Should people rethink that decision?" Moy asked. "By [this] data, absolutely."

While IE8 blocked eight of 10 of the malware-distributing sites that NSS included in its 12-day test, the nearest competitor, Mozilla's Firefox 3.0, caught just 27 per cent of the same sites. Apple's Safari 4.0 and Google's Chrome 2.0, meanwhile, blocked only 21 per cent and 7 per cent of the sites, respectively. Opera Software's browser properly identified only 1 per cent.

"I think it comes down to resources and the focus of these companies," Moy said in an interview, referring to Microsoft's ability to out-spend rivals on such things as security research and malicious site investigations.

"The more researchers you have, the better you'll do. Microsoft has a certain amount of paranoia [about security] because of its footprint of services that get attacked all the time, like Hotmail, and it has the money to hire really smart people."

Opera, which performed the poorest in the malware-blocking benchmarks, is an example on the other end of the spectrum, said Moy. "What resources do they really have to bring to the problem?" Moy said. "There's a lot that can't be solved with software, but requires the human element."

NSS tested five Windows-based browsers -- IE8, Firefox 3.0.11, Safari 4.0.2, Chrome 2.0.0.172.33 and Opera 10 beta -- against more than 2,100 malware sites in 69 test runs over 12 days. Like the tests NSS Labs ran last March, the sites were so-called "socially engineered" malware sites, the type that trick users into downloading attack code.

Typically, the download is disguised, often as an update to popular software such as Adobe's Flash Player.

The tests did not include sites that launch "drive-by" attacks that don't require user interaction, an increasingly common tactic by hackers who often infect legitimate sites with kits that try a number of different exploits in the hope of compromising an unpatched browser or PC.

To defend against the kind of sites that NSS tested, browser makers have added anti-malware features to their software. Microsoft, for instance, has aggressively touted its SmartScreen Filter, a new malware-detection feature in IE8.

All browsers that include such a tool -- or anti-phishing tools, which operate in a similar fashion -- rely on a "blacklist" of some sort. The list, which includes known or suspected malware sites, is used to display warnings before a user reaches a site, but after the URL is typed in.

"The foundation is an in-the-cloud reputation-based system that scours the Internet for malicious sites," explained Moy, "then adds them to a black list or white list, or assigns them scores." The browser then uses that information to block or allow access to a site.

IE8 significantly improved its lead over other browsers since March, Moy noted, with its browser's malware-blocking rate up 12 percentage points -- a 17 per cent improvement -- while rivals' scores declined across the board. Firefox dropped three percentage points, for example, as did Safari 4; Chrome fell eight percentage points and Opera, four.

Even though Firefox, Safari and Chrome all rely on the same data source for their anti-malware blacklists -- Google's SafeBrowsing API -- their scores varied considerably, something Moy thought was due to each browsers' use of the list.

"Google produces the API, but that doesn't mean all the browsers consume the data in the same way at the same time," he said. "We don't have any visibility on how many people are looking at the [SafeBrowsing] data, but clearly Firefox must be adding other things to it."

Moy also said that IE8's anti-malware protection improved over time at a greater rate than did its rivals. Because NSS Labs tested every four hours, it was able to measure how quickly each browser reacted, and blocked, a new threat introduced into the test.

While IE8's score jumped from 51 per cent on Day Zero -- the day the infected site debuted on the Internet -- to 91 per cent by Day 5 (a 40 point jump), Firefox was only able to muster a 10-point increase, from 14 per cent to 24 per cent. Chrome improved the most over the course, starting at just 3 per cent on Day Zero and ending at 14 per cent on Day 5.

"I was surprised when Microsoft got 69 per cent in the first study," said Moy. "Then they went from 69 per cent to 81." NSS hopes to repeat the test before the end of the year.

According to the most recent data from Web metrics vendor Net Applications, IE8 accounted for 12.5 per cent of all browsers used in July, representing 18 per cent of all versions of IE in use.

The NSS report can be downloaded from the company's Web site (download PDF).

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Tags ie8web browserssecuritymalware

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Gregg Keizer

Computerworld (US)
Show Comments

Essentials

Microsoft L5V-00027 Sculpt Ergonomic Keyboard Desktop

Learn more >

Lexar® JumpDrive® S57 USB 3.0 flash drive

Learn more >

Mobile

Lexar® JumpDrive® S45 USB 3.0 flash drive 

Learn more >

Exec

Lexar® JumpDrive® C20c USB Type-C flash drive 

Learn more >

Audio-Technica ATH-ANC70 Noise Cancelling Headphones

Learn more >

HD Pan/Tilt Wi-Fi Camera with Night Vision NC450

Learn more >

Lexar® Professional 1800x microSDHC™/microSDXC™ UHS-II cards 

Learn more >

Budget

Back To Business Guide

Click for more ›

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?