Internet Explorer 9 rated best at blocking socially engineered malware

Internet Explorer 9 really is a massive upgrade from its aging predecessor, but there’s a whole lot more to it than just speed. The IE9 team also put a lot of effort into designing more modern security into the browser, making it capable of defending users against threats that older browsers simply don’t know how to deal with.

Drive-by attacks have been utilized by cybercriminals for a long time. Since average computer users are often very lax when it comes to keeping things like browser plug-ins up to date, Flash, Java, and PDF exploits became very common. Recently, however, browsers have become better about coercing users into updating plug-ins, so the bad guys started using tactics similar to the ones they employ when phishing via email. This newer socially engineered malware can be a bit trickier for browsers to block, which is why NSS Labs set out to see how six of the top browsers fare against such attacks.

The chart above certainly looks clear enough: Internet Explorer kicks butt at blocking this kind of threat. By combining the URL Reputation feature (which first arrived in IE7) and the new App Rep service, Internet Explorer 9 posted a practically perfect score. That’s not necessarily a surprise, considering the numbers reported by Microsoft back in May. 95% of IE9 users choose not to run malicious apps after receiving an App Rep warning.

If you need more proof that App Rep actually works, just check with Ed Bott. Recently, he wrote about a download from Microsoft’s own servers that was being flagged by IE9 — proof positive that nothing gets a free ride when it comes to reputation checking in the browser.