[SFCC] Tomorrow's SFCC Meeting and an interesting article on Internet Explorer 9
- From: "Buzz Brooks" <buzzbro@xxxxxxxxxxx>
- To: "SFCC Members" <sfcc@xxxxxxxxxxxxx>
- Date: Tue, 19 Jul 2011 11:17:44 -0700
Just a Reminder
Don't forget the SFCC meeting tomorrow from 10 - 12 in the Fiesta room. The
main topics of the meeting will be to answer questions from members in the
"Stump the Techies" and briefly present the "How To Do It" section.
The agenda will be:
1. Review and approve minutes and financials
2. "How To Do It"
a. Create a restore point
b. Back up your system
c. Protect Your System
d. Recover a system
3. "Stump the Techies" - hopefully not too often!
a. Feel free to bring your laptops
b. Write your questions down on a sheet of paper or index card (so we can
group like questions and answer once)
c. Bring paper and pen to take notes on solutions and recommendations.
See you at the meeting.
The article below is from ZDNet and gives reasons for upgrading (free) to
Internet Explorer 9.
Internet Explorer 9 outperforms competing browsers in malware blocking test
By Dancho Danchev | July 19, 2011.
Summary: According to a newly released research by NSS Labs, Microsoft's
Internet Explorer 9 greatly outperforms competing browsers in malware
download test.
<http://i.zdnet.com/blogs/ie9_smartscreen_malware_tesat.png> Description:
http://i.zdnet.com/blogs/ie9_smartscreen_malware_tesat.png
According to a
<http://www.nsslabs.com/assets/noreg-reports/2011/nss%20labs_q2_2011_browser
sem_FINAL.pdf> newly released research by NSS Labs, Microsoft's Internet
Explorer 9 greatly outperforms competing browsers in a test against
socially-engineered malware. Based on an active testing against 615
malicious URLs for 19 days, both Internet Explorer 9 and Internet Explorer 8
topped the comparative chart.
Here are the findings:
Windows Internet Explorer 9 - IE9 caught an exceptional 92% of the live
threats
Windows Internet Explorer 8 - caught 90% of the live threats
Apple Safari 5 - caught 13% of the live threats
Google Chrome 10 - caught 13% of the live threats
Mozilla Firefox 4 - caught 13% of the live threats
Opera 11 - caught 5% of the live threats
More details:
With SmartScreen enabled and Application Reputation disabled, IE9 achieved a
unique URL blocking score of 89% and over-time protection rating of 92%.
Enabling Application Reputation on top of SmartScreen increased the unique
URL block rate of Internet Explorer 9 by 11% (to 100%) at zero hour as well
as the over-time protection by 8% (to 100%). Internet Explorer 9 was by far
the best at protecting against socially-engineered malware, even before App
Rep's protection is layered on top of SmartScreen.
Why are NSS Labs' findings not necessarily accurate?
This isn't the first time I've criticized research published by NSS Labs,
and definitely not the last. Not only is the research ignoring the existence
of client-side vulnerabilities, it's methodology is fundamentally flawed
taking into consideration the limited number of URLs the browsers are tested
against, combined with lack of testing of the additional protection features
offered by the competing browsers and the related security add-ons.
See:
*
<http://www.zdnet.com/blog/security/study-ie8s-smartscreen-leads-in-malware-
protection/2981> Study: IE8's SmartScreen leads in malware protection
*
<http://www.zdnet.com/blog/security/ie8-outperforms-competing-browsers-in-ma
lware-protection-again/4072> IE8 outperforms competing browsers in malware
protection - again
An excerpt:
By excluding client-side vulnerabilities, the study isn't assessing IE8's
DEP/NX memory protection, as well as omitting ClickJacking defenses and
IE8's XSS filter, once pointed out as a less sophisticated alternative to
the Firefox-friendly NoScript.
Socially engineered malware is not the benchmark for a comprehensive
assessment of a browser's malware block rate. It's a realistic assessment of
the current and emerging threatscape combined with comprehensive testing of
all of the browser's currently available security mechanisms, a testing
methodology which I think is not present in the study.
What do you think? Isn't the fact that client-side vulnerabilities are
excluded, undermining the benchmarking methodology used? What about the lack
of measurement of vulnerable and outdated browser plugins which could lead
to a successful exploitation through a web based malware exploitation kit?
Buzz Brooks
buzzbro@xxxxxxxxxxx
(520) 572-7363 (H)
(520 235-5467 (M)
Other related posts:
- » [SFCC] Tomorrow's SFCC Meeting and an interesting article on Internet Explorer 9 - Buzz Brooks
