Microsoft’s Internet Explorer 9 has proved once again to be the best choice when it comes to catching attacks aimed at making the user download Web-based malware. This claim was made by NSS Labs in the recently released results of a test conducted globally from May 27 through June 10 of the current year, which saw five of the most popular Web browsers pitted against each other. Windows Internet Explorer 9 (IE9), Google Chrome 12, Mozilla Firefox 4, Apple Safari 5 and Opera 11 were tested with 1,188 malicious URLs – links that lead to a download that delivers a malicious payload or to a website hosting malware links.
IE9 it is a very decent browser, I use it on daily basics.
Was that an intentional typo or just an amusing accident?
Edited 2011-08-16 19:05 UTC
Yeah, it was missspelled, but not on porpose.
Its the blocklist management team at microsoft that score this win. They update the list within 30 minutes as per the results.
If the blocklist website/service is down or blocked/redirected/hijacked the graphs would be very different.
wow I better start downloading IE to keep my debian boxes secure..
how come IE is not in the repos??! wtf aren’t they concerned about security :p
If users can add websites to the list and they get added in within the hour, then I’m assuming that they don’t review the URL very well…
Maybe we should add http://www.microsoft.com to the IE black list
Impressive for IE.
However, resisting the tempting click on a “too-good-to-be-true” offer and having minimal user privileges/rights (i.e. no install possible) while browsing would go a long way to minimize threats when using the other browsers.
What is a bit scary with the presence of black and white lists of urls in the cloud, and an absolute reliance on them for protection, is the possibility that a highly determined/motivated individual/group would break into the system and manipulate the lists to their advantage. Also, one could think of a concerted attack on the entire system – akin to a D.O.S. – preventing the communication of the updates of the lists to the users in within a reasonable time frame.
What may even be more scary is that this kind of published results will allow IE to keep its hold as the IT-blessed browser in the corporate world which is generally paranoid about security.
But who in the corporate world is using IE9? Most of the places I’m aware of are still mostly on XP SP3 with IE6 or IE8.
Of course, it’s advertising lingo only, but I have to contradict nevertheless:
No, the best choice when it comes to catching attacks aimed at making the user download Web-based malware unquestionably is using an OS that doesn’t collude with IE.