IE9's App Rep bumps browser's anti-malware score to 99%

Microsoft-funded study shows IE9 blocks most malicious sites, dangerous downloads, credits Application Reputation feature

1 2 Page 2
Page 2 of 2

But Moy also gave kudos to Microsoft's decision to put money and muscle behind browser blocking. "The obvious question is why does IE do such a good job?" asked Moy. "It's clear that the others just aren't putting the same amount of resources into solving the problem of malware and social attacks. The data bears that out."

NSS tested six Windows browsers -- IE8, IE9 Beta, Firefox 3.6, Safari 5, Chrome 6 and Opera 10 -- against socially engineered malware: Sites that dupe visiting users into downloading attack code. Typically, the download is disguised, often as an update to popular software such as Adobe's Flash Player, or as an innocuous video codec.

The tests did not include sites that attack browsers without any user interaction via drive-by attacks that exploit known or unknown vulnerabilities in Windows or its applications.

According to NSS Labs, IE9 blocked 99% of the 636 malware-distributing sites that were included in the final data. IE8, meanwhile, blocked 90%. Firefox warned users of just 19% of the same sites, while Safari, Chrome and Opera stymied 11%, 3% and 0%, respectively.

IE has taken honors in previous Microsoft-sponsored tests run by NSS Labs, but its scores, particularly IE9's, have improved significantly. Rivals' efforts at blocking malicious sites, however, have seriously degraded.

Although Firefox, Safari and Chrome offer anti-malware blocking -- the three rely on Google's own SafeBrowsing API -- their scores dropped between 10 and 14 percentage points since NSS Labs last tested them in early 2010.

"There's the [Microsoft] SmartScreen camp, and then the Google SafeBrowsing camp," noted Moy. He credited the different results among Firefox, Chrome and Safari to their different implementation of the SafeBrowsing API.

But looking at his testing data, Moy said it was clear that IE was head and shoulders, and then some, above the competition.

"Microsoft's not only using the blacklist approach [to warn users of possible malicious sites] but it's also bringing its knowledge of good applications into the data feed," Moy said. "Look at IE9 ... it's darn near perfect [on the tests]."

IE9 requires Windows Vista or Windows 7, and can be downloaded from Microsoft's site. The release candidate, or RC build, of the browser is slated to ship in early 2011, but Microsoft has not yet set a final release date.

NSS' malware blocking test report can be obtained from Microsoft's site as well (download PDF).

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer or subscribe to Gregg's RSS feed . His e-mail address is gkeizer@computerworld.com.

Copyright © 2010 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2
9 steps to lock down corporate browsers
  
Shop Tech Products at Amazon