Along with the release of Microsoft’s Internet Explorer 8, a report by research firm NSS was presented that shows the new version of Internet Explorer is better at protecting users from malware. The (Microsoft-sponsored) study looked at the blacklist features of all modern browsers, using real malware URL’s, over a period of several days. The most important conclusion was that the SmartScreen filter in IE8 appears to offer the best protection, blocking over half the malware URL’s within a day.
The report shows some interesting things; Firefox fans will be quick to point out that the average time needed for a URL to be blocked was only 6 hours for Firefox, and nearly double that time (11.7 hours) for Internet Explorer. Another thing that struck me was the huge difference between Firefox, Safari and Chrome:
Since all three browsers use Google’s Safe Browsing as the main component of their phishing filters, this difference came as a surprise to me. Even more so if you look at the drop in Chrome’s detection rate; this would appear to suggest a problem with the database used at the time of testing. There is also some some language in the report that suggests the malware URL’s were not chosen in a completely random fashion:
Sample sets contain malicious URLs distributed via: SPAM, Social networks, and malicious websites. Exploits containing malware payloads (exploits + malware) a.k.a. “clickjjacking” or “drive-by downloads” were excluded from the test.
I’m already looking forward to the next round of tests; if the Smartscreen technology really turns out to be as effective as the NSS report says it is, I strongly urge Microsoft to share it with other browser makers. After all, Microsoft is free to use the Safe Browsing filters as well, and anything that can be done to make the web safer is a good thing.