The Safest Browser Against Malware? IE9

I wonder IE9 would pass the OLE hacks similar to the PC flank leak test?
http://www.pcflank.com/pcflankleaktest.htm

and all this proves is that browser makers sux big, instead of having a single list of black listed sites open to and shared by all browsers, we have dis-parted list of black listed sites, they not trying to make the safest browser, they trying to win brownie points

besides which, these sites came for spam... they is no way in hell your going be able to protect someone who was intelligent enough to click on a link sent via spam, you can presume no matter how 'safe' their browser really is that this person most probably is already sporting the latest and greatest Trojan. Your going need something more then a "this site maybe unsafe" warning to save them, i dont know maybe something like a defense against click jacking and drive by downloads as well as script blocking (which obvious has nothing to do with 'safe' browsers according to the researchers)

I agree with the other posts, nothing is foolproof and many users will end up doing something foolish to install malware themselves.

Instead of a warning, they need a USB add-on that will give the user a quick squirt from a water bottle. Worked pretty well when my cat had a bad habit of sharpening her claws on the sofa.

Thanks for reminding me I had some brownies in the fridge

Umm, pardon? Give that comment another try...

Oh here we go again, testing the latest version of IE against outdated versions from competitors. C'mon, isn't Firefox 5 and Chrome 12 out? Nevermind...I'll answer that question for you. YES!

Really???
I really, really, don't get these articles. This is something which basically changes week to week, so whats the point? I mean it seemed like it took only a couple months for firefox to go from ver. 3 to 4 then to 5 already.. Updates just happen so quick now a days.

Its funny to see the reaction of people who love to hate IE, its already a fact that IE has things going for it and here we have 1 of many proofs...

Internet Explorer. The number one browser for downloading a better browser.

I'm sorry but it's not even close. I took a new laptop on a trip and connected to the unscrupulous ISP that the hotel had contracted with. Immediately the machine filled will malware from that ISP. I had gone on this trip suddenly and didn't have time to set up the laptop by installing Firefox and so forth, so I was using IE. The security holes in IE rendered the laptop almost unusable in seconds.

For some reason, I feel that your claims are either untrue, or very exaggerated. And I could explain why, but I don't feel like typing up an essay.

I wonder if people that say "users install most malware" have actually read the entire article.

If I recall correctly, it says in the article that IE9 was also excellent at stopping downloads that could potentially be malware by throwing a warning for less-downloaded executables. Annoying yes, but it works.

Nothing is foolproof, but this does add an extra layer in some instances. The fact that MS scored 100% and other browsers scored so low is actually a big deal. I'm not convinced it's that good in the real world but it's still a major win for them. I use IE at work and really don't have anything against it. There has been more than one instance in my life where I ended up on sites (both IE and Chrome) that told me the site may contain malicious code. I did not proceed. Disaster averted. The fact that this is being advertised now 2 years in a row is a good thing, it may generate a central black-list repository for all the browsers to use and some standard protocol on what the browsers should do if users go to such sites.

So if I understand the article they "tested" browser security by ignoring and not testing the vast majority of browser insecurities. Isn't that a bit like describing a house as secure because the front door is locked while all the windows and the back door are wide open?

As others have stated in the past, the only safe system from hacks, malwares, viruses, etc is to unplug your system.

The next best this is to do your research and compile a good set of anti-virus, malware detection, and ad-aware type protocols to run in conjunction with a physical firewall... and then to not be an idiot and click yes to everything.

All Microsoft did here was make IE9 an even larger target from the cyber community. Not a good idea.

Microsoft probably (and if so, finally) gets something right and it's still not good enough.

MS - Danged if they do and danged if they don't!

You guys would b*tch if you were hung with a new rope.

This post makes me laugh. Firefox 4 was replaced with 5 what? 3 weeks ago? Not only that, but Firefox 4 was only out for what, 3 or 4 months total? People complaining about the speed which it was updated and replaced, yet somebody complaining about not using something recent enough. Really, you do realize that it takes time to run a test like this and put the results together to publish, right? I don't know about how old chrome was, but this is another browser that's famous for going through version numbers like I go through ice water on a hot day. What this tells us is they made their best effort to use up to date browsers.

You, sir, are as about as bright as a burnt out light bulb. Its obvious you are a newbie and/or no nothing about the world of IT. Your ridiculous comment shows your lack of intelligence and how you are trying convince everyone who reads your comment how clever you are. I can prove you know nothing because your very first line you are quoting, "as others have stated".

Do us all a favor and stop posting mindless jibber-jabber. STOP trying to educate and mislead those who read your pathetic comments - you are doing more harm than good.

When ever i read this kind of dribble i wonder what kind of gay fettish child porn they brows so much. Since windows 95 has this ever once happened to me or anyone i have ever known or heard of. You are either a total moron who clicks yes to anything on the screen or you need to stay away from the 10 year old porn.

Ok, but HOW did it get those sites, and HOW does it know those sites are in any way dangerous? It certainly didn't employ people to open up their Spam boxes and copy and paste links in there. There has to be some sort of method to determine that the site is truly malicious. After all, just because something is advertised via spam, doesn't mean the site is in any way harmful. My guess is, they got this list from some security firm, and I'm also going to guess that Microsoft uses the same firm for determining their own blacklist.

Basically, the NSS used a blacklist to collect a list of malicious websites, then tested those sites against the other companies' blacklists. Microsoft's latest happened to match 100%, good for them. I bet if they had picked 650 sites from Opera's blacklist, Opera would have passed 100%, same with Chrome, Firefox, and Safari.

What the NSS NEEDS to do is create websites with certain vulnerabilities and check to see if the browsers can detect them. Throwing a very small subset of known bad sites ata browser doesn't prove much, except which browser makers consult with which security firms.

And before you claim I didn't read the article, I read the linked PDF file. Firefox, Opera, Chrome, Safari, and IE8 web browsers blocked sites based purely on "URL Reputation" (i.e. a blacklist). IE9 blocked 92% of websites based on URL Reputation. It blocked another 8% based on "Application Reputation", which they don't even bother to elaborate on, but basically means Microsoft is keeping track of every file everyone downloads, and whether or not that file might be infected (probably tied to their own antivirus software).

So yeah, your browser can be safer, assuming everything you do is tracked by the browser manufacturer (including which files you download), and that those same files are later scanned by that manufacturers antivirus software. Makes me wonder why Chrome isn't more secure (from a blacklist perspective). Makes sense why Safari, Opera and Firefox aren't so secure.

I have connected to a hotel network and had virus alarms and random popups start going off in seconds, before I hit any websites. (It reminded me of the 4th of July.) It just takes one infected computer to contaminate the entire network.

This is a true story, unembelished. I ran IE for a long time before I worried about malware. When I started scanning for malware I was surprised at how much I found on my hard drive. I switched to FF, ran it for awhile, and my scans were mostly clean. That is when I discovered how much more secure FF was than IE.

That time at the hotel is the only time that this has happened to me, and I attribute it to the unscrupulous ISP that the hotel used. It happened right after logging into the hotel's ISP and aggreeing to their $10 per day charge to be added to your room rate. I didn't even have to do any other browsing to get infected. My normal browsing is to sites that are safe, but occasionally you follow somebody's link to look at a video or whatever. The riskiest thing to me now seems to be if you do google searches for common images such as images of Angelina. Some of the images found by google will take you to dangerous websites.

Internet Explorer 9 MAY be the best, but no computer technology would compare to something like "Web of Trust" Firefox extension that allows HUMANS to rate the sites and leave feedback behind ^^

Cherry picking your data leads to meaningful results?

I think maybe you shouldn't have clicked "YES" to install that pornviewer app from the questionable sites you were on. It would have happened even if you used Firefox.

Well this post made my day, hilarious!

That's a stupid comment... everybody knows FF and Chrome constantly update their software and call them "major releases" after adding just a new hat. In fact, since you posted that comment Firefox 7 and Chrome 28 ware released.

Edit > Since posting this comment, Firefox 8 and Chrome 39 was released.

Edit 2 > Chrome 40.

"Excluded from the test were typical browser vulnerabilities, as well as sites that integrate nasty clickjacking or drive-by downloads."

So pretty much all the real hazardous stuff, that requires no user intervention to install, that IE has been victim to for its entire existence. Was not tested.

Choose your result, and then make the test so it proves those results. I love it.

ff5 with noscript ftw

The users need all the help they can get, if MS didn't do this they would get slated, they did do this and they are being slated again.

They just can't win against the fanbois.

What exactly would MS have to do to gain your confidence, have Ed Gibson drive over and watch over your shoulder and warn you of impending malware before each click, whilst simultaniously providing you with a never ending supply of hot pockets and mountain dew?

MS can win, they just have to stop contracting with and publishing reports from companies like NSS Labs that have repeatedly published biased reports and have ignored all feedback about how to make an unbiased test. Since MS keeps hiring unreliable people to do the tests, and they keep publishing those flawed results, so they're complicit in the deception.