IE 9 best option against Web-based malware attacks
Posted on 16.08.2011
Microsoft's Internet Explorer 9 has proved once again to be the best choice when it comes to catching attacks aimed at making the user download Web-based malware.


This claim was made by NSS Labs in the recently released results of a test conducted globally from May 27 through June 10 of the current year, which saw five of the most popular Web browsers pitted against each other.

Windows Internet Explorer 9 (IE9), Google Chrome 12, Mozilla Firefox 4, Apple Safari 5 and Opera 11 were tested with 1,188 malicious URLs - links that lead to a download that delivers a malicious payload or to a website hosting malware links.

Each of those browsers uses a variety of security technologies that protect users from this type of attack. All of them use a reputation-based system that works by comparing URLs with a blacklist or whitelist located in the cloud that gets updated manually and/or automatically. If the URL is found to be malicious, the browsers redirect the user to a warning page.

The results for IE 9 were almost perfect: the browser blocked 96 percent of the suspicious URLs when its URL reputation filter was enabled, and an additional 3,2 percent after its Application reputation filter was enabled.

The results for the rest of the browsers were rather poor when compared to that of IE - Chrome blocked 13,2 percent of the URLs, Firefox and Safari 7,6 percent, and Opera only 6.1 percent.

When compared to the result of the same test performed the year before, IE, Chrome and Opera show an improvement in the malicious URL detection rate.

And when it comes to reaction times following the addition of new malicious URLs to block lists, IE proved its mettle once again. It caught over 99 percent of the newly added URLs in the first hour following their addition. Safari proved to be the worst in that respect, identifying just 6.4 percent of those URLs.

The researchers explain the results with the efficiency of IE's newly introduced Application Reputation technology, Chrome enhancements, Opera's partnership with AVG, and Safari's and Firefox' failure to implement new socially engineered malware protection.






Spotlight

The context-aware security lifecycle and the cloud

Posted on 25 November 2014.  |  Ofer Wolf, CEO at Sentrix, explains the role of the context-aware security lifecycle and illustrates how the cloud is shaping the modern security architecture.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Nov 26th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //