Connect with us

Hi, what are you looking for?


Endpoint Security

New Research Says Chrome Browser “Most Secured” Against Attacks

Which Web Browser is the Most Secure? New Research Tests How Web Browsers Stand Up Against Today’s Web-based Threats

Security research firm Accuvant, today released the results a study comparing the security of the three most widely used web browsers – Mozilla Firefox, Google Chrome, and Microsoft Internet Explorer.

Which Web Browser is the Most Secure? New Research Tests How Web Browsers Stand Up Against Today’s Web-based Threats

Security research firm Accuvant, today released the results a study comparing the security of the three most widely used web browsers – Mozilla Firefox, Google Chrome, and Microsoft Internet Explorer.

In its research, the Accuvant LABS team tried to determine which browser best secures against attackers. The research firm says it used a “completely different and more extensive methodology than previous, similar studies.”

“We compared web browsers from a layered perspective, taking into account security architecture and anti-exploitation techniques,” said Chris Valasek, Accuvant LABS senior research scientist. “Like antivirus or anti-malware software, each provides an additional layer of defense. This methodology requires a greater depth of technical expertise than statistical analysis of vulnerabilities, and also provides a more accurate window into the security of each browser.”

So which browser turned out to be the most secure? Accuvant said that Google Chrome is currently the browser that is most secured against attacks. Ironically, Google commissioned Accuvant to perform the comparison, but the results and testing methodology are available for anyone to see, and Accuvant is a highly respected firm, so I don’t assume the results to be skewed in favor of Chrome, despite Google’s funding of the undertaking.

Google’s Chrome Had Strongest Sandboxing Technology, FireFox Lacks a Formal Sandbox

As the report notes, sandboxes are quickly becoming standard best practice within many popular applications. The report said that Google’s Chrome provided the most restrictive sandbox, limiting almost all interaction with the OS to the broker process. “Internet Explorer has made valiant first steps at a sandbox by using the low integrity functionality to restrict IE tabs’ persistence abilities on the system in the event of a compromise,” the report says. “Unfortunately, the low integrity mechanism permits read access to most resources, unrestricted network accessibility and a multitude of ways to alter the system state. Lastly, Firefox has yet to implement any formal sandbox, relying solely upon the process running as medium integrity; giving it the ability to perform any action of a non-administrator.”

Safest Web Browser

Chrome was also credited with releasing updates more frequently than both Mozilla and Microsoft. In terms of time to patch a reported vulnerability, Chrome was fastest, while Microsoft was the slowest. Accuvant suggests that because Internet Explorer is deeply integrated with the Windows operating system, changes in Internet Explorer can have repercussions throughout a much larger code base, adding to the time it takes to create a stable and tested patch.

Advertisement. Scroll to continue reading.

In terms of URL blacklisting, technology that helps block agains potentially malicious sites, including phishing sites and sites serving up malware, the report said that blacklisting services offered by all three browsers will stop fewer attacks than will go undetected.

“Both Google Chrome and Microsoft Internet Explorer implement state-of-the-art anti- exploitation technologies, but Mozilla Firefox lags behind without JIT hardening,” the report notes. “While both Google Chrome and Microsoft Internet Explorer implement the same set of anti-exploitation technologies, Google Chrome’s plug-in security and sandboxing architectures are implemented in a more thorough and comprehensive manner. Therefore, we believe Google Chrome is the browser that is most secured against attack,” the report concluded.

The full report, “Browser Security Comparison: A Quantitative Approach,” as well as all of the data presented within the document and the tools used to generate the data, are available for download here. The report is a great read and highly suggested for anyone in an IT security related role.

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.


Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...

Endpoint Security

Today, on January 10, 2023, Windows 7 Extended Security Updates (ESU) and Windows 8.1 have reached their end of support dates.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Malware & Threats

Unpatched and unprotected VMware ESXi servers worldwide have been targeted in a ransomware attack exploiting a vulnerability patched in 2021.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.


The recent ransomware attack targeting Rackspace was conducted by a cybercrime group named Play using a new exploitation method, the cloud company revealed this...