IE 8 Beats Competition in Microsoft-sponsored Security Tests

But NSS Labs won't say where it got its list of malicious URLs, and why it left out exploit sites

Internet Explorer 8 blocked about four out of every five sites that attempt to trick visitors into downloading malicious software in browser security tests performed by NSS Labs.

In the Microsoft-sponsored tests, Firefox 3 came in at a distant second with 27 percent. Safari 4 scored 21 percent, Chrome 2 blocked 7 percent, and the Opera 10 beta was barely there with a 1 percent block rate. The tests did not include sites that use hidden exploits and drive-by-download attacks to attempt to install malware without your ever having a chance to recognize an attack.

According to the report, NSS Labs tested against a list of 2,171 socially engineered malware URLs, which it defines as "a web page link that directly leads to a 'download' that delivers a malicious payload whose content type would lead to execution," over the course of 12 days in July. The tests focused on sites that try to trick you into doing the dirty work of installing the malware, such as sites that disguise malware as a video codec or player.

Blocking these sites is a good thing for any browser, but so is blocking exploit sites. Hidden attack code on exploit sites will search for software flaws in an ActiveX control or browser plugin, for example. If such a flaw exists, the attack code can install malware without having to trick you into downloading anything.

NSS Labs also tested against phishing sites, with much closer results. IE 8 blocked 83 percent of the information-stealing sites, and Firefox 3 blocked 80 percent. Opera 10 beta stopped the pages 54 percent of the time, Chrome 2 blocked 26 percent, and Safari 4 intervened for only 2 percent.

While these results may be fully legit and highlight a real advantage for IE, eyebrows go up whenever a company being tested is also footing the bill. NSS Labs could quell such skepticism by saying where it got its list of malicious URLs, and why it left out exploit sites. The company's report doesn't include this info, and NSS Labs hasn't yet returned calls.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags ie8Microsoftsecurity

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Erik Larkin

PC World (US online)
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?