14 DAY TRIAL // Internet Explorer 9 offers the best protection against socially engineered malware according to the latest tests performed by NSS Labs focused on European users.
The results of NSS Labs’s “Web Browser Group Test Socially-Engineered Malware - Europe Q2 2011” report are conclusive with previous findings of the testing outfit, which consistently highlight IE as offering the best protection against socially engineered malware, even though Microsoft rivals contest the conclusions.
In the latest round of testing, NSS Labs looked at Google Chrome 10.0.648.204, Windows Internet Explorer 8 (build 8.0.7600.16385), Windows Internet Explorer 9 (build 9.0.8112.16421), Mozilla Firefox 4.0, Opera 11.01 Build 1190 and Safari 5.0.5(7533.21.1).
“With SmartScreen enabled and Application Reputation disabled, IE9 achieved a unique URL blocking score of 89% and over-time protection rating of 92%. Enabling Application Reputation on top of SmartScreen increased the unique URL block rate of Internet Explorer 9 by 11% (to 100%) at zero hour as well as the over-time protection by 8% (to 100%),” NSS Labs revealed.
“Internet Explorer 9 was by far the best at protecting against socially-engineered malware, even before App Rep’s protection is layered on top of SmartScreen.”
Socially engineered malware refers to malicious code that is being spread through social engineering techniques to unsuspecting users.
Victims are in fact tricked through various means into compromising their own machines by installing malware which often masquerades as legitimate software, from antivirus to codecs.
Socially engineered malware doesn’t use vulnerabilities in the software to spread, and as such, traditional security layers, sandboxing for example, are ineffective when it comes to blocking infections.
Instead, such malicious code is deployed by the users themselves, after they’re tricked by attackers to believe that they’re actually installing legitimate software.
Here are NSS Labs’ conclusions for the additional browser tested:
“Firefox 4 achieved a 13% protection rating, on par with protection offered by Chrome and Safari —86% less protection than Internet Explorer 9 and 77% less than Internet Explorer 8. Firefox exhibited deterioration in protection compared with our Q3 2010 global test that can be attributed to either the implementation of Safe Browsing API v2 or new tactics being used by cybercriminals that Safe Browsing has not yet adapted to. There was a slight 1% improvement between zero-hour protection (16%) and eventual protection at the 19 day mark (17%).
Safari 5 achieved a 13% protection rating on par with Firefox and Chrome converging at a roughly 17% block rate after 19 days. However, Safari presented a notable lag in protection vs. Firefox with zero-hour protection of 11% (vs. Firefox’s 16%).
With a protection rating of 13%, Chrome 10 offered nearly identical protection to Safari and Firefox. Browser Security Comparative Test: Socially-Engineered Malware
Opera 10’s overall blocking rate of 5% was consistently the lowest in the group. However, this was an improvement over the 0% scores in our previous global tests, and is likely attributable to the company’s partnership with antivirus firm AVG.”
In the past, in response to earlier NSS Labs reports also focused on socially engineered malware, browser vendors such as Google and Opera criticized the results, and raised questions about their accuracy.
Internet Explorer 10 (IE10) Platform Preview 2 (PP2) Build 10.0.1008.16421 is available for download here.
Windows Internet Explorer 9 RTW for Windows 7 and Windows 7 SP1 is available for download here.
Firefox 5 for Windows is available for download here.
Google Chrome for Windows is available for download here.
Opera 12.00 Codenamed Wahoo Pre-Alpha and Opera 11.50 for Windows are available for download here.
