Study lauds IE for blocking Web's social attacks
The study, funded by Microsoft, concludes that Microsoft's browser bests competitors in blocking socially engineered malware attacks.
An updated study has found that when it comes to blocking Web sites used in efforts to trick people into installing malware, Internet Explorer has widened its lead over the four other most-used browsers.
NSS Labs, a product analysis company, issued a third installment of an ongoing study of how well browsers avert socially engineered attacks that try to exploit a person's trust with a Web address that actually installs and runs malware. The upshot: "Windows Internet Explorer 8 provided the best protection against socially engineered malware," stopping 85 percent of the attacks at 562 sites.
In contrast, Mozilla Firefox 3.5.7 and Apple Safari 4.0.4 stopped 29 percent, Google Chrome 4.0.249.78 stopped 17 percent, and Opera 10.10 stopped less than 1 percent. All the browsers except Opera showed better results now than in the versions of the test conducted six months and a year ago.
Microsoft funded the study, but NSS Labs led its design, a Microsoft representative said. NSS Labs released the study this week in conjunction with the 2010 RSA security conference.
Those curious about the detailed methodology of the test, which was conducted over an 18-day period in January, can check appendix five of the study on page 15. Here's a summary: NSS Labs collects malware sites from partners and from its own lists harvested via spam traps and honeypots; of the 12,000 sites collected, 562 were validated to work and to meet its definition of socially engineered malware: "a Web page link that directly leads to a download that delivers a malicious payload whose content type would lead to execution."
Bear in mind that there are several other aspects to browser security, including plug-ins, the ability to shut off JavaScript or run security-oriented add-ons, resistance to drive-by exploits that work without people actively downloading malware, vulnerability response time, and other matters.