NSS Labs, an independent, information security research and testing organization, today released a report that finds Internet Explorer 9 offers the best protection against socially-engineered malware.
This type pf malware usually works as following: When your friend sends you a link to download a file containing "some awesome pictures," your first thought isn?t to question whether this link may contain something bad like a virus that can shut your computer down or steal your identity. Why would someone you trust send you something harmful? Unfortunately, this good-natured instinct is exactly the behavior that malware creators like to exploit. Attackers are looking to take advantage of contacts and personal relationships - relying on user actions rather than software vulnerabilities to harm people. These attacks are known as socially-engineered malware attacks and have been increasing in number.
NSS Labs research showed that Internet Explorer 9 is able to either block or warn against 99% of socially-engineered malware. According to NSS Labs, "With a unique URL blocking score of 94% and over-time protection rating of 99%, Internet Explorer 9 was by far the best at protecting users against socially-engineered malware."
The graph below compares the protection offered by various browsers against socially-engineered malware attacks.
Jason Miller of Shavlik Technologies, a global leader in simplifying the complexity of IT management, notes that with the recent NSS findings, "Microsoft is showing, with their current browser technologies, that security for end user browsing is important to them." Through its SmartScreen technology, Internet Explorer 8 and Internet Explorer 9 Beta help protect users by detecting and blocking websites that distribute socially-engineered malware and phishing attacks. The difference in performance between IE8 and IE9 above comes from the addition of new features such as SmartScreen Application Reputation. This new feature for Internet Explorer 9 adds an additional layer of protection by warning users when they attempt to download a higher risk application.