updated 4/27/2011 2:49:57 PM ET 2011-04-27T18:49:57

Microsoft's Internet Explorer 9 comes with an advanced security feature that makes it much safer than other Web browsers, including Google Chrome, according to a computer researcher.

Internet Explorer has long been a favorite target of cybercriminals; security holes are regularly found in older versions of the popular browser, leaving it easily exploitable for a number of different attacks.

But with the March 14 release of IE9, Microsoft may have finally gotten things right, Ed Bott of the security website ZDNet says.

Better filters for bad files

Bott cites IE9's SmartScreen filters, which run Web pages containing suspicious downloadable attachments through a database of all known programs and websites. If the page or the attachment doesn't check out, IE 9 won't let you even view it, let alone be tricked into downloading a rigged file.

"The algorithm assumes that a file — signed or unsigned — is untrustworthy until it establishes a reputation," Bott wrote. "No domain or file gets a free pass."

It's a "guilty until proven innocent" approach, and it's working for IE9 — Microsoft wrote on its Internet Explorer blog that only about seven percent of all executable files downloaded by IE were later confirmed as malicious.

The same, Bott contends, can't be said for Google Chrome.

Chrome is in the hot seat

Chrome has become an attractive target for online criminals lately because many savvy computer users regard IE as insecure.  Chrome is perceived to be safer, and its users think they're less susceptible to malware attacks, Bott suggested.

Also, because Chrome users represent a much smaller market than IE9 users, malware authors tend to not waste their time creating scams for the relatively small group.

But that trend is shifting; the SpyEye and Zeus trojans, notorious for infecting computers to steal banking credentials, have recently been targeting Chrome and the even less-used browser Opera and staying away from IE, Brian Krebs noted in his Krebs on Security blog.

With criminals migrating to Chrome, Bott says Chrome's filters, and its entire approach to protecting users, isn’t as airtight as IE9's — or even as secure as its advocates believe.

Whereas IE9 automatically blocks pages with suspicious attachments, Chrome allows users to save the file, and then choose to download it later.

But as many cybercrime ploys use social engineering tactics to make corrupt pages look legitimate, Bott said, "if the social engineering did its job, that means that a significant number of people are going to choose wrong."

Bye-bye to drive-by

In one instance, Bott came across a spoofed warning designed by hackers to look just like Google Chrome's genuine warning page.

The message on the warning read, "This type of file can harm your computer," and contained a corrupted attachment titled, "InstallInternetProtect.exe."

But that was just what was on the surface: Bott said in many cases, rogue Web pages can slip through Chrome's filters and infect users when they land on the page, a tactic called "drive-by downloads."

Having a security feature that automatically assumes the worst about a Web page, as IE9 does, might be in fact the best practice.

IE9 is currently available for Windows Vista or Windows 7; it will not run on Windows XP.


© 2012 SecurityNewsDaily. All rights reserved


Discussion comments


Most active discussions

  1. votes comments
  2. votes comments
  3. votes comments
  4. votes comments