IE 8 Beats Competition in Microsoft-sponsored Security Tests

But NSS Labs won't say where it got its list of malicious URLs, and why it left out exploit sites

Internet Explorer 8 blocked about four out of every five sites that attempt to trick visitors into downloading malicious software in browser security tests performed by NSS Labs.

In the Microsoft-sponsored tests, Firefox 3 came in at a distant second with 27 percent. Safari 4 scored 21 percent, Chrome 2 blocked 7 percent, and the Opera 10 beta was barely there with a 1 percent block rate. The tests did not include sites that use hidden exploits and drive-by-download attacks to attempt to install malware without your ever having a chance to recognize an attack.

According to the report, NSS Labs tested against a list of 2,171 socially engineered malware URLs, which it defines as "a web page link that directly leads to a 'download' that delivers a malicious payload whose content type would lead to execution," over the course of 12 days in July. The tests focused on sites that try to trick you into doing the dirty work of installing the malware, such as sites that disguise malware as a video codec or player.

Blocking these sites is a good thing for any browser, but so is blocking exploit sites. Hidden attack code on exploit sites will search for software flaws in an ActiveX control or browser plugin, for example. If such a flaw exists, the attack code can install malware without having to trick you into downloading anything.

NSS Labs also tested against phishing sites, with much closer results. IE 8 blocked 83 percent of the information-stealing sites, and Firefox 3 blocked 80 percent. Opera 10 beta stopped the pages 54 percent of the time, Chrome 2 blocked 26 percent, and Safari 4 intervened for only 2 percent.

While these results may be fully legit and highlight a real advantage for IE, eyebrows go up whenever a company being tested is also footing the bill. NSS Labs could quell such skepticism by saying where it got its list of malicious URLs, and why it left out exploit sites. The company's report doesn't include this info, and NSS Labs hasn't yet returned calls.

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Tags ie8securityMicrosoft

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Erik Larkin

PC World (US online)

Most Popular Reviews

Follow Us

Best Deals on GoodGearGuide

Shopping.com

Latest News Articles

Resources

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Latest Jobs

Shopping.com

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?