Study: IE 9 Defends Best Against Malware Links

NSS Labs survey finds that IE9 blocks almost all malicious URLs, while the closest competition was at 13 percent.

By John P. Mello Jr.

August 15, 2011PC World — Microsoft Internet Explorer 9 offers Web surfers the best protection against social engineering malware, according to test results released today by an independent research firm.

With its new Application Reputation feature, IE9 blocks malicious URLs more than 99 percent of the time, according to NSS Labs, of Carlsbad, Ca.

Application Reputation is Microsoft's attempt to create a definitive list of every application on the Internet. The list is dynamically created and maintained, much the same way Google and Bing are continuously building and maintaining a library of content for search purposes. That list is then used to establish the reputation of a program.

"It became obvious from these recent tests, in comparison to NSS Labs' earlier global tests, that Microsoft continues to improve their IE malware protection in IE9 through its SmartScreen Filter technology and with the addition of SmartScreen Application Reputation technology," NSS reported.

Hot Nude Girls

NSS defines social engineering malware URLs as links that entice users to download a malicious payload or visit a site known to host malware links. The carrot that gets users to click is often the promise of nude pictures or fantasy football apps,

"With a unique URL blocking score of 99.9 percent and over-time protection rating of 99.2 percent, Internet Explorer 9 was by far the best at protecting against socially-engineered malware," it added.

The unique URL blocking score measures what percentage of malicious links a browser blocks when those links first become active. The overtime protection rating looks at what percentage of malicious links a browser blocks over a period of days.

Internet Explorer's test results left the scores of four competing browsers in the dust. The over-time protection rate for Google Chrome, for example, was 13.2 percent, while for Firefox 4 and Safari 5 it was 7.6 percent and for Opera 11, 6.1 percent.

Learning from Experience

"Microsoft is the most attacked company in the world, so this is something they have a lot of experience with," said NSS President and CEO Rick Moy. The Redmond giant collects data on all the attacks on their products to create the list of benign and malicious applications that drive Application Reputation.

Neither Microsoft nor any other browser maker sponsored the report, Moy said. Each browser maker is invited to participate, free of charge, in setting up its browser properly for the test.

The NSS test results confirm claims made by Microsoft about the effectiveness of the blocking features introduced in IE9. Those claims were initially challenged by one security researcher. "Because IE9's unable to block exploits of such software as Adobe Reader and Flash, Apple's iTunes or Oracle 's Java, Microsoft's data doesn't show the real picture," declared Sophos's Chet Wisniewski.

RESOURCE CENTER