A browser that's good at detecting malicious URLs and downloads can be your first line of defense. NSS Labs tested the four top browsers and found a huge range of accuracy, with Windows 8's Internet Explorer 10 handily beating all the rest.

program.

NSS Labs researchers spent most of September putting Internet Explorer, Mozilla Firefox, Google Chrome, and Apple Safari to the test under Windows 8. Every day they captured hundreds of real-world malicious URLs and inflicted them on each of the four browsers. To ensure freshness of each sample, they performed the browser tests immediately and verified that the URL was actually malicious afterward, discarding any that didn't meet the test criteria. They accumulated over 90,000 real-world URLs and used around 900 of those in testing.

Levels of Protection

IE and Chrome block malicious downloads in two ways. First, they check the URL's reputation; if it's a known malware-hosting site they divert the user to a warning page. Second, they check the downloaded file itself and warn the user if it's malicious. For testing purposes, the researchers tracked these two types of protection separately.

Safari and Firefox also rely on Google's Safe Browsing API to block known bad URLs, but only Chrome includes the additional detection for malicious downloads.

Lopsided Results

Internet Explorer 10 protected the test systems against 99.1 percent of the malicious URLs thrown at it by the researchers. It blocked almost 90 percent of the URLs before the malware download even began. The Application Reputation component handled the rest by flagging the downloaded file as dangerous.

Chrome has earned low scores in earlier editions of this test—better than Opera and Safari, but still poor. This time around it achieved 70.4 percent protection, which is a big improvement. Just 4.5 percent of the detection occurred at the URL level via the Safe Browsing API. Chrome flagged the remainder as malicious after the download.

As for Opera and Safari, the only protection they offer against malicious downloads comes through the Safe Browsing API, so they both scored barely over 4 percent protection.

Recommendations

Not surprisingly, NSS Labs recommends choosing a browser that's effective at blocking malware downloads. Those who just can't bear to use Internet Explorer should make sure to use "antivirus suites with robust web reputation technologies." The full report, available on the NSS Labs website, offers an extremely detailed look at the test methodology.