Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Endpoint Security

Microsoft Edge Tops Browser Protection Tests

Microsoft’s Edge browser blocks the highest percentage of socially engineered malware (SEM) and phishing attacks compared to Google Chrome and Mozilla Firefox, newly published NSS Labs reports reveal.

Microsoft’s Edge browser blocks the highest percentage of socially engineered malware (SEM) and phishing attacks compared to Google Chrome and Mozilla Firefox, newly published NSS Labs reports reveal.

The cyber security product research, testing, and advisory company conducted two global tests to measure how effective web browsers are at blocking current threats targeting Internet users, and discovered that the apps that blocked the most attacks overall also blocked URLs the fastest.

The tests were conducted between Sept. 26, 2016 and Oct. 9, 2016, with 220,918 socially engineered malware results and 78,921 phishing results recorded. For their tests, NSS Labs considered Google Chrome version 53.0.2785, Microsoft Edge 38.14393.0.0, and Mozilla Firefox version 48.0.2. The browsers were tested on Windows 10 Enterprise – Version 1607.

When it comes to SEM protection, Microsoft Edge came up on top by blocking 99.0% of the samples, followed by Google Chrome with 85.8% and Mozilla Firefox with 78.3%. While Edge uses SmartScreen URL filtering and Application Reputation (App Rep) for user protection, Chrome and Firefox use URL filtering and an application reputation system called Download Protection.

The test also revealed that Microsoft Edge could deliver a 98.7% zero-hour protection rate for malware, followed by Chrome with 92.8%, and Firefox with 78.3%. After 7 days of testing, Edge was in the lead with a 99.3% block rate, 3.6% higher than Chrome and 17.4% higher than Firefox. On average, Edge needed less than 10 minutes to block malware, Chrome needed 2 hours and 39 minutes, while Firefox needed over 3 hours and 45 minutes.

When it comes to phishing protection, Microsoft Edge had a phishing catch rate of 91.4% over the 12-day test period, followed by Chrome with 82.4% and Firefox with 81.4%. An average of 145,581 unique email phishing campaigns were reported each month this year, making a browser’s ability to block such attacks highly important. However, SEM protection is as important when assessing a browser’s security capabilities, NSS Labs notes.

The phishing protection test conducted by NSS Labs collected 78,921 results during the test period and revealed that Microsoft Edge has an initial protection rate of 92.1%, followed by Firefox at 84.0%, and Chrome with only 82.7% percent. By the seventh day, Microsoft Edge climbed to 92.9%, Chrome to 85.6%, and Firefox to 84.9% (both Chrome and Firefox rely on Google Safe Browsing API, hence the nearly identical performance).

The average time to block a phishing site is of 56.4 minutes. While Microsoft Edge was in the lead at 24 minutes, the other two browsers needed over an hour to block the offending sites: 61.2 minutes for Firefox and 84.6 minutes for Chrome.

Nearly one third of all Internet users have fallen victim to socially engineered malware, making this threat one of the most encountered today. Both individuals and organizations are at risk, because such attacks can compromise, damage, or acquire sensitive personal and corporate information. Phishing attacks represent an equally important and damaging threat, as they become more complex and sophisticated, being harder to detect and difficult to prevent.

Related Reading: DomainTools Service Eyes Potentially Dangerous Domains

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

CISO Strategy

Varied viewpoints as related security concepts take on similar traits create substantial confusion among security teams trying to evaluate and purchase security technologies.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...

Endpoint Security

Today, on January 10, 2023, Windows 7 Extended Security Updates (ESU) and Windows 8.1 have reached their end of support dates.

Application Security

Software maker Adobe has rolled out its first batch of security patches for 2023 with fixes for at least 29 security vulnerabilities in a...

Application Security

Microsoft on Tuesday pushed a major Windows update to address a security feature bypass already exploited in global ransomware attacks.The operating system update, released...

Endpoint Security

Apple has launched a new security research blog and website, which will also be the new home of the company’s bug bounty program.