Internet Explorer leads in tests against social engineering threats
Microsoft’s Internet Explorer family of browsers came out on top against socially engineered threats in head-to-head tests by NSS Labs with other popular browsers.
In both raw numbers and weighted evaluations of performance, IE outperformed Google’s Chrome, Mozilla’s Firefox and Apple’s Safari browsers. This is good news for users of IE, which includes large swaths of the federal government that are standardized on Microsoft software products.
But, “there is an important qualifier,” said NSS research director Randy Abrams, author of the report. “IE is far and away the overall best at what we tested for,” but that was limited to socially engineered malware (SEM) and phishing attacks. “We didn’t test for vulnerabilities in the browsers or security plug-ins.”
Although social engineering attacks can present serious threats, they represent just one part of the threat landscape and can be mitigated by non-technical means. NSS calls education the “great equalizer” in social engineering attacks. Although the Firefox and Safari browsers exhibited very little protection against socially engineered malware, they can be used safely by savvy users, Abrams said.
The NSS report tracks test results for the four browser families dating back to 2009, during which IE made a sharp improvement in blocking SEM, from around 55 percent to near 100 percent. Chrome, although blocking a little less than 70 percent of SEM, does slightly better than IE at blocking phishing sites, scoring nearly 90 percent. Both Firefox and Safari did poorly in defending against SEM although they also did well blocking phishing sites.
Figures on the market share for browsers vary, and in recent months current versions of Chrome have outpaced IE in sales or installations. In the overall installed base, however, the IE family maintains top position. According to one frequently cited source, netmarketshare.com, IE accounts for nearly 58 percent of the installed base, followed by Firefox, Chrome, Safari and Opera.
Next Page >
