Internet Explorer 8 blocked about four out of every five sites that attempt to trick visitors into downloading malicious software in browser security tests performed by NSS Labs.
In the Microsoft-sponsored tests, Firefox 3 came in at a distant second with 27 percent. Safari 4 scored 21 percent, Chrome 2 blocked 7 percent, and the Opera 10 beta was barely there with a 1 percent block rate. The tests did not include sites that use hidden exploits and drive-by-download attacks to attempt to install malware without your ever having a chance to recognize an attack.
According to the report, NSS Labs tested against a list of 2,171 socially engineered malware URLs, which it defines as "a web page link that directly leads to a 'download' that delivers a malicious payload whose content type would lead to execution," over the course of 12 days in July. The tests focused on sites that try to trick you into doing the dirty work of installing the malware, such as sites that disguise malware as a video codec or player.
Blocking these sites is a good thing for any browser, but so is blocking exploit sites. Hidden attack code on exploit sites will search for software flaws in an ActiveX control or browser plugin, for example. If such a flaw exists, the attack code can install malware without having to trick you into downloading anything.
NSS Labs also tested against phishing sites, with much closer results. IE 8 blocked 83 percent of the information-stealing sites, and Firefox 3 blocked 80 percent. Opera 10 beta stopped the pages 54 percent of the time, Chrome 2 blocked 26 percent, and Safari 4 intervened for only 2 percent.
While these results may be fully legit and highlight a real advantage for IE, eyebrows go up whenever a company being tested is also footing the bill. NSS Labs could quell such skepticism by saying where it got its list of malicious URLs, and why it left out exploit sites. The company's report doesn't include this info, and NSS Labs hasn't yet returned calls.