Microsoft's anti-malware sniffing service powers Edge to top spot in browser blocking tests

Credit to Author: Gregg Keizer| Date: Sat, 14 Oct 2017 12:58:00 -0700

Microsoft’s Edge browser, the default in Windows 10, blocked a higher percentage of phishing and socially-engineered malware (SEM) attacks than Google’s Chrome and Mozilla’s Firefox, a Texas security testing firm said Friday.

According to NSS Labs of Austin, Tex., Edge automatically blocked 92% of all in-browser credential phishing attempts and stymied 100% of all SEM attacks. The latter encompassed a wide range of attacks, but their common characteristic was that they tried to trick users into downloading malicious code. The tactics that SEM attackers deploy include links from social media, such as Facebook and Twitter, and bogus in-browser notifications of computer infections or other problems.

Edge bested Chrome and Firefox by decisive margins. For instance, Chrome blocked 74% of all phishing attacks, and 88% of SEM attacks. Meanwhile, Firefox came in third in both tests, stopping just 61% of the phishing attacks and 70% of all SEM attempts.

The results were not surprising to anyone who has followed NSS’s tests over the years: The firm has regularly awarded Microsoft browsers, notably the venerable Internet Explorer (IE), the top spots in its malware-blocking evaluations.

NSS’s assessments were of various cloud-based services that the browser makers called upon, not the applications themselves. The services are reputational at root. They crawl the Internet, and as they do, they assign sites to white- or blacklists depending on whether the content is judged malicious or suspicious. Alternately, the services crank out a numerical score. The browsers then request data from the services as they are directed to specific URLs, and – based on the response – block the browser from reaching the intended destination, warn the user that the site may be shady, or let the browser display the site as its owner intended.

NSS has almost always given Microsoft’s services, a combination of the SmartScreen URL scanner/filter and the Application Reputation service, the highest scores. Google’s rival service, dubbed “Safe Browsing,” has ranked second, sometimes a very distant second. Both Chrome and Mozilla’s Firefox rely on the Safe Browsing API (application programing interface), but historically, Mozilla’s implementation has performed poorly compared to Google’s. No shock: Google created the API.

Edge also took top prize in blocking attacks from the get-go. In NSS’s SEM attack testing, for example, the Microsoft browser stopped nearly every attempt from the first moments a new attack was detected. Chrome and Firefox, on the other hand, halted 75% and 54% of the brand-new attacks, respectively. Over a week’s time, Chrome and Firefox improved their blocking scores, although neither reached Edge’s impressive 99.8%.

But test scores like these have not helped Edge grow its share of the browser market, or kept its IE ancestor from a disastrous decline in the last two years. During September, Edge was run on just 5% of all personal computers; of those powered by Windows 10, the only OS Edge supports, the browser ran on only 17% of that PC subset. Since mid-2015, when Windows 10 and Edge launched, the latter’s share of the former has continually dropped.

In fact, September’s ranking was Edge’s lowest ever. Meanwhile, Chrome’s September user share of all personal computers was 60%, according to analytics company Net Applications; Firefox’s stood at 13%.

NSS also measured the anti-phishing prowess of Chrome OS and Windows 10 S, which are based, in turn, on Chrome and Edge, and found, “No significant differences were observed between the Edge browser running on Windows 10 or Windows 10 S and between the Chrome browser running on Windows 10 and Chrome [OS].”

The testing firm’s results were obtained by continuous monitoring of Windows 10 personal computers running Edge, Chrome or Firefox between Aug. 23 and Sept. 12.

Microsoft’s Edge easily beat rival browsers from Google and Mozilla in third-party tests of the behind-the-scenes services which power anti-malware warnings and malicious website-blocking.

http://www.computerworld.com/category/security/index.rss