Best Browser for Malware Protection?

Category: Browsers , Security

Web browsers are used to interact with the Internet more than any other type of software. So it’s no surprise that the latest malware tries to infiltrate computers via Web browsers. But which browser does the best job of protecting you? Read on for some surprising test results...

Which Browsers Protect You From Malicious Content?

The front lines of defense against viruses, spyware and other forms of malware are your firewall and your anti-virus protection. If you're not sure you've got those two important pieces of software in place, see my related articles Do I Really Need a Firewall and Free Anti-Virus Programs before continuing.

The online security landscape is constantly evolving, not unlike an arms race. New threats emerge, and the software to defend against them is released. Because most users now have anti-virus software, the evil forces who create malware have turned their gaze to a new attack vector -- your web browser.

Browser Malware Protection

The most popular browsers attempt to keep users safe from such attacks by blocking access to malicious Web pages and downloads of malicious executable files. The latest releases of Google Chrome, Internet Explorer, Firefox, Safari and Opera all have security features baked into their code. But there is a huge gap between the most and least effective of the top five browsers’ defenses. And you might be surprised to learn which browser keeps you safest.

Security experts at NSS Labs, Inc., tested the five leading browsers against a sample of 754 “active and malicious” URLs (web page addresses) to see what percentage were caught by each browser’s defenses. You can read the complete NSS browser safety report, but the summary results are simple and stunning:

BROWSER PROTECTION
Internet Explorer 10 99.96%
Google Chrome 25/26 83.16%
Safari 5 10.15%
Firefox 19 9.92%
Opera 12 1.87%

Clearly, only IE 10 and Chrome can be taken seriously if you are looking for a browser that protects you from malicious Web content. But what accounts for the dismal performance of Safari, Firefox, and especially Opera, and the narrower but significant difference between IE and Chrome?

Digging Deeper...

Firefox, Safari, and Chrome all use the Google Safe Search API, a “reputation” system that blocks access to URLs that are labeled “malicious” in a database compiled by Google in the course of its Web indexing and from user reports. Safe Search is all that Firefox and Safari use, so it’s no surprise that their effectiveness rates are very similar in this test. The test indicates that Safe Search alone is only about 10% effective in blocking Web-based malware.

Chrome also includes Google’s Download Protection, which judges the reputation of an executable file instead of just the URL. The home page of your bank may be perfectly harmless and not blocked by Safe Search. But a hacker may have embedded in that page code that secretly downloads a malware program to your computer and runs it. Google’s Download Protection detects and blocks such files. So the URL-based Safe Search provides about 10% of Chrome’s protection, and the file-based Download Protection provides the other 73%, for a total effectiveness rate of 83.16%.

Microsoft has its own URL-based reputation system called SmartScreen. It blocked over 83% of malware in the test. Additionally, Microsoft’s Application Reputation system blocks executable files, as Google’s Download Protection does. But there is an important difference between the approaches to “reputation” taken by Google and Microsoft.

The NSS study tested IE10, the latest version of Microsoft's browser. I can't extrapolate from the NSS study, but IE9 offers both Smartscreen Filter and the Application Reputation feature. So my guess is that it would perform on par with IE10 as far as blocking malicious websites. For those on XP systems, IE8 has Smartscreen filter, but not Application Reputation.

Do You Feel Lucky?

Google blocks URLs and files that are definitely untrustworthy; that is, they have been deemed “probably malicious.” Microsoft blocks URLs and files that are not trusted enough; that is, they are deemed “possibly malicious.” Google depends on what is known about a URL or file. Microsoft takes into account what is unknown; it errs on the side of caution. That’s good if you’re looking at security, but bad if you want to visit an obscure Web site or download an unpopular file. The downside of this extra-cautious approach is that you could be blocked from accessing perfectly safe content.

Opera uses a hodgepodge of small reputation partners that provide virtually no protection against malicious URLs or files. If you use Opera, you absolutely must use a third-party anti-malware program that includes real-time scanning for malicious websites as well.

In fact, such backup defenses are important no matter what browser you use. All of the browser defense mechanisms allow users to decide whether they want to ignore the browser’s warning and proceed to load a web page or download a file. Human judgment is often wrong, and that’s when you really need a security program that detects and stops suspicious activity on your system.

Does your browser or security suite include scanning for malicious web content? Post your comment or question below...

 
How Else Can I Help You?   (Enter your question in the box above.)
 

Sign up now for AskBob Updates!

Boost your Internet IQ, keep up with the latest online trends... get your FREE subscription now!


Email:


Posted by on 16 May 2013


For Fun: Buy Bob a Snickers.
Need More Help? Try the AskBobRankin Updates Newsletter. It's Free!

Prev Article:
Geekly Update - 15 May 2013

The Top Twenty
Next Article:
Why Does Malware Exist?

Link to this article from your site or blog. Just copy and paste from this box:


Most recent comments on "Best Browser for Malware Protection?"

(See all 31 comments for this article.)

Posted by:

frank
17 May 2013

thanks bob for that info it helped


Posted by:

Frank Klett
17 May 2013

I recently downloaded and installed Comodo Dragon on my wife's laptop for her. I chose it since she was already familiar with Chrome and Dragon afforded (supposedly) additional layers of protection while she does her surfing thing.
It is actually a very nice little package if you like the Chrome browser....I am a diehard Firefox user for many years and always keep my guards up while online.
Thank you very much for your research and accuracy in your articles...always a pleasure to read your thoughts.


Posted by:

oblivious
17 May 2013

OOps! Always run FF as the default browser. Had problems for a couple YEARS on my desktop. Downloaded adwcleaner malware remover and ran it. Run it anytime I believe there's a problem. Always finds something in FF temp file. Don't use IE8 or update it. It's unusual if anything is found in Chrome. And I don't browse porn. Laptop remains clean. Installed Comodo firewall on it a couple weeks ago. Still evaluating it.


Posted by:

Sharon H
17 May 2013

I would never depend on my browser to keep me protected from malicious sites. Firefox has been fine for me. I use McAfee Site Advisor that works very good about warning me if a site is suspicious. Having Avast installed also helps protect my PC. It has stepped in and stopped certain websites from loading.

Don't like Chrome--it's too intrusive. Just use what browser you like best and chose additional protection (free). A little research goes a long way. Great article, BTW!


Posted by:

tim w
18 May 2013

I partially agree with your assessment. Comodo Dragon has the power of Chrome (Open Source Chromium), but is much lighter on the system than Google Chrome, and has more security features. I am rather surprised you didn't mention this.
Furthermore, for the Fox Freaks, Comodo offers their version of FireFox and, again, it is lighter on system resources.
Check them out.


Posted by:

Ernie-Joe
18 May 2013

I echo all the compliments given in these posts.

I have been a long-time follower of yours, going back to the days of "tourbus." Because of you, I've advanced from a completely ignorant computer neophyte to a neophyte, as this article has demonstrated to me again. Things I just don't fully understand, you bring to my attention. And,I just keep on learning.

Your articles are always a delight to read. Thank you for taking the time out of your to continue to produce them for us.


Posted by:

Kenny
18 May 2013

Most anti-virus software will also block any attempts to open an unsafe website.


Posted by:

Therrito
19 May 2013

All I can say is WOW!
I have been using Firefox under the assumption that it was safer than IE.
Boy was I wrong.
I think it's time to move all of my bookmarks and favorites over from Firefox to IE and start using it instead.


Posted by:

Bill
14 Jun 2013

I would be very careful not to make the knee-jerk decision that based on the numbers below IE is some 10 times safer than Firefox etc.

What were those threats that were not found and how severe were they? How prevalent were those threats - how likely are you to run into them in reality?

As others have pointed out - there are plenty of addon programs that could and should be used to support any browser - and none of this makes any difference if the user is determined to circumvent the protection offered.

I find the article mildly interesting but it will not change my usage of Firefox as my primary browser.


Posted by:

Nascar68117
15 Jun 2013

I realize that EarthLink.net is just Dial-Up &/or DSL with Web Mail & E-Mail spyware protection , but "earthlink" was not mentioned in this "Topic"


Posted by:

Horus
15 Jun 2013

It matters little what browser you use if you are idiotically clicking on links and downloads. I have used Opera for about 15 years and have never had an issue. Safety starts when you turn the PC on, not via a browser choice.

I would also like to point out that even going close to IE is a bad idea. It is the most used browser, which means it will be the most attacked. No matter what protocols a browser uses it has nothing close to enough resources to figure out what some spotty translucent teenager creates in his smeg ridden bedroom.


Posted by:

MadMan
15 Jun 2013

I've had to uninstall IE10, rolling back dozen's of customers to IE9...what a fiasco of a browser it is!! Most of the user problems were banking sites and email sites that would not load. Did not know Comcast email and Gmail were such great security risks in IE10...what a crappy, poorly written browser!!!


Posted by:

DJB
16 Jun 2013

@ coach anne - re: additional Firefox security

1. NoScript
https://addons.mozilla.org/en-us/firefox/addon/noscript/

2. WebOfTrust
https://addons.mozilla.org/en-US/firefox/addon/wot-safe-browsing-tool/


Posted by:

Scott Karsten
17 Jun 2013

Bob, what about Firefox or Chrome on a Linux system. Linux seems to have less issues with virus and malware than Window$. I use Linux Mint Cinnamon 15. I have never had malware or virus issues on my operating system. It does not mean it will not happen, but. . . I feel the hackers have not targeted Linux yet because more people in the US use Micro$oft operating systems.


Posted by:

Elaine
17 Jun 2013

I am running XP and use both IE9 and Chrome regularly. Lately both are being bombarded by Web Attacks that are being blocked by my Norton 360, not by the browser. I also recently purchased HitmanPro, which runs a quick scan at start up.


Posted by:

DavidW
17 Jun 2013

I always appreciate a good article on security.

I was a system builder for almost 20 years, which included trouble-shooting and malware removal. IE has always been and remains my preferred browser - except when I'm going to sites filled with banners and ads. At those times nothing beats Opera and its ability to block content.

Each browser has problems, so go with the one that has problems you can live with - but always use anti-malware protection.

I use Malwarebytes Pro with active protection and malicious website blocking, and Avast Free anti-virus with all shields enabled. My Draytek modem provides the firewall. Lastly, I use Peerblock to block unwanted connections to my PC. Most people would be amazed at how often someone in China is looking for an open port on their system.


Posted by:

wilkinsonda
17 Jun 2013

Can't help wondering if it helps to run the browser sandboxed?


Posted by:

Dick Crampton
17 Jun 2013

I avoid IE like the plague as had lots of issues and also moved away from Firefox for the same reason. However I have rarely had any issues since I started using Comodo Dragon, coupled with Comodo Firewall, AVG Antivirus, spybot S&D, spyware blaster and Malwarebytes Anti-Malware!


Posted by:

Don
18 Jun 2013

Re: Can't send attachments in Win 7 with IE10.
Yes you can, I just did - from my Gmail account to my AOL account. Got it, opened it, played it. Had me worried for a minute though.


Posted by:

Eric Benson
28 Jun 2013

The version of FF tested has been replaced 3 times. FF just updated on my system to version 22. FF also has many add on security utilities which have been previously mentioned.


There's more reader feedback... See all 31 comments for this article.

Post your Comments, Questions or Suggestions

*     *     (* = Required field)

    (Your email address will not be published)
(you may use HTML tags for style)

YES... spelling, punctuation, grammar and proper use of UPPER/lower case are important! And please limit your remarks to 3-4 paragraphs. If you want to see your comment posted, pay attention to these items.

All comments are previewed, and may be edited before posting.

NOTE: Please, post comments on this article ONLY.
If you want to ask a question click here.


Free Tech Support -- Ask Bob Rankin
RSS   Add to My Yahoo!   Feedburner Feed
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005 - Bob Rankin - All Rights Reserved
Privacy Policy -- See my profile on Google.


Article information: AskBobRankin -- Best Browser for Malware Protection? (Posted: 16 May 2013)
Source: http://askbobrankin.com/best_browser_for_malware_protection.html
Copyright © 2005 - Bob Rankin - All Rights Reserved