Questionable Study Praises IE8 Malware Protection

A recent study conducted by NSS Labs revealed that of the six most-used browsers, Internet Explorer 8 (IE8) RC1 is "head and shoulders" above Firefox, Safari and Chrome in its ability to detect and block socially-engineered malware.

Socially-engineered malware is considered to be among the most prevalent computer viruses in existence. The infection process becomes a very familiar scenario: a user is enticed to visit an external website and agrees to the malware download under false pretences.

NSS reported on the dangers of these attacks many times in the last year, urging users to constantly update their anti-virus/malware programs for ensured safety.

Malware Detection Based On Reputation Services

Most of the latest web browsers approach malware detection based on "reputation services" in the same manner experienced when analyzing phishing sites. Detection is based on a blacklist of domains and IP addresses known as phishing/malware sites. When a user attempts to click onto one of these domains, a message appears restricting access to the site. (Source: yahoo.com)

39% Gap Between First and Second

The actual results of the NSS study are as follows: IE8 (RC1) was able to detect malware 69% of the time, followed by Firefox v.3.07 at 30%, Safari v.3 at 24%, Chrome v.1.0.154 at 16% and Opera v.9.84 at 5%.

Those who continue to use the previous Microsoft browser will be saddened to learn that IE7 was only able to detect malware 4% of the time.

Study Reveals Questionable Results

Analysts are raising some concern over the validity of NSS Labs, after it was revealed that the study was funded in part by Microsoft.

NSS admitted that Microsoft did fund a significant portion of the study, but stated that their labs remain an independent entity unto themselves and the funding does not make the results any less factual. (Source: pcmag.com)

Still, many are waiting for confirmation from a non-funded source.

In the meantime, users are still reminded to treat browser-based malware detection as a secondary means of protection. While this kind of protection is a good start, it is still no substitute for a strong anti-malware program and common sense (among other measures).