My friends at NSS Labs have done some great work over the last few years in testing firewalls, IPS, anti-malware and even browsers. They just released their latest results on browser security against socially-engineered malware. The report is for the European market and is available for free download here. The report looked at almost all of the leading browsers including IE 8 and 9, Firefox 4, Chrome 10, Safari 5 and Opera 11.
The test is against socially engineered malware. According to the report, "Socially Engineered Malware remains the most common security threat facing Internet users today. Recent studies show that users are four times more likely to be tricked into downloading malware than be compromised by an exploit". In other words, the attack works by fooling the user into going to an unsafe web site that will load malware onto their machine. It is probably more widespread than you think. Again according to the report, "according to the EU’s statistics office, Eurostat, almost one third of internet users in the European Union were victims of malware infections in 2010 despite the majority having security software installed."
The report defines socially engineered malware as "a socially-engineered malware URL: a web page link that directly leads to a download that delivers a malicious payload whose content type would lead to execution, or more generally a website known to host malware links. These downloads appear to be safe, like those for a screen saver application, video codec upgrade, etc., and are designed to fool the user into taking action. Security professionals also refer to these threats as “consensual” or “dangerous” downloads".
It should also be noted that this report was the first to look solely at European-based results, but it follows up on previous global testing that NSS conducted in Q1 2009, Q3 2009, Q1 2010 and Q3 . You can get more info on these previous tests at http://www.nsslabs.com/research/endpoint-security/browser-security.
So by now I know you are saying, "OK Shimel, enough. Tell us which browser was safest." Well, let me say that according to NSS, it wasn't even close. The winner, and by a very, very wide margin, was Microsoft's Internet Explorer. In fact, the new IE9 with both application reputation and URL reputation protection turned on stopped an astounding 100% of the malware in the tests! With just conventional URL reputation turned on, IE 9 still stopped 92%.
Second place went to (wait for it), IE 8! Microsoft's last generation browser still stopped 90% of the malware in the tests. That was significantly better than Chrome, Firefox and Safari, which were all pretty much even at about 13% detection rates. So IE was at 90 and 100% while the other big three were at 13%. That is pretty big! Bringing up the rear was Opera at a paltry 5%. But as the report mentions, 5% is a significant increase over the 0% Opera clocked in on earlier tests.
One reason that Firefox, Chrome and Safari all came in at 13% is that they all use Google's safe browsing data feed, while Microsoft uses its own. All of these browsers use reputation and cloud-based data to try to help protect you.
For those interested, Safari stayed about the same as in previous tests. Chrome showed some improvement and Firefox seems to have gone down a bit from earlier tests. As I mentioned before, Opera is at least in the game, but trails all the others.
So while open source is good, in browser security, IE is the once and still champion. Congratulations to Rick Moy and all of the folks at NSS Labs for another great test study.