IE 9 anti-malware kingpin in browser face off

Tests indicate Google Safe Browsing not so responsive.

Microsoft’s Internet Explorer 9 is hands-down superior at detecting security threats delivered by malicious websites, according to testing company NSS Labs.

Over 19 days in April, researchers threw newly discovered URLs that contained downloadable malware at Chrome 10, Firefox 4, IE 8 and IE9, and Opera 11.

IE9’s SmartScreen Filter caught 92 per cent of the bad URLs and IE 8 caught 90 per cent, while Safari, Chrome and Firefox each caught 13 per cent and Opera detected 11 percent, according to NSS. 

The test essentially pitted Google’s Safe Browsing system, which underpins the URL filter offered in Chrome, Firefox and Safari, against IE9’s two main URL security features: URL Reputation and Application Reputation.

Each browser faced 76 tests over the period, based on a selection of 650 URLs that were designed to target European website visitors. The researchers removed URLs that only delivered ad-ware or that were not validated as malware, according to NSS.

NSS defined the attacks it was testing against each browser as a “web page that directly leads to a download that delivers a malicious payload whose content type would lead to execution, or more generally a website know to host malware links”.

The method of infection has become increasingly popular with cybercriminals, such as the group behind the Zeus banking trojan, NSS noted.

Security vendor Sophos described the typical method employed by attackers spreading Zeus who had recently rigged several legitimate sites with redirects to the exploit site.   

Microsoft’s IE9 also proved to be highly responsive to new threats when Application Reputation was activated, while those that relied on Google’s Safe Browsing changed little.

With the feature on, IE9 picked up every new threat the researchers had found in the past 6 hours and thrown at it repeatedly over seven days; without it IE9 only picked up 76 per cent at the outset and 89 percent at the end of the week.

Firefox, Safari, Chrome initially picked up between 16 and 11 percent, which rose to 17 per cent after seven days, while Opera, detected 7 per cent, rising to 20 per cent over the period.

Microsoft has described Application Reputation as an “early warning system for undetected malware”. The feature was included in IE9’s beta version last October and targeted the time between the spread of an attack and its inclusion in antivirus databases, according to Microsoft.


Join the CSO newsletter!

Error: Please check your email address.

Tags NSS LabssafariNSSanti-malwaremalwarechromeantivirussophosIE 9FirefoxIE9 SmartScreen filterMicrosoftzeus

More about GoogleMicrosoftSophos

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Liam Tung

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place