IE browser XSS flaw opens door to thieves and phishers
IE browser XSS flaw opens door to thieves and phishers

Of the major web browsers, Internet Explorer (IE) offers the best default privacy settings, but it leaves much to be desired in terms of malware defence.

According to a new study by NSS Labs, after examining the privacy features built into Microsoft's IE 10, Mozilla's Firefox 20.0.1, Google's Chrome 26 and Apple's Safari 5.1.7, IE offered users the easiest option for enhanced privacy while browsing.


According to the “Browser Security Comparative Analysis” (PDF) evaluation on privacy, IE ranked the best due to several factors, including its method of blocking certain privacy-invading cookies by default.


In addition to IE 10 having Tracking Protection Lists (TPL), which allow users to choose which visited sites gather data on their browsing history, the biggest factor that pushed it up the rankings was the fact that “Do Not Track” is turned on by default. This feature that does not track users' online browsing habits, is turned off by default in Chrome, Safari and Firefox.

But while IE beat other browsers for its privacy safeguards, it ranked worst in blocking URLs that led users to infected websites.

In another study comparing browsers' website blocking abilities, NSS Labs found that IE 10 performed “relatively poor,” blocking 83 per cent of malicious URLs, while Firefox 19.0.2 had the highest rate of blocking spurious sites, with a 96 per cent rate.


Safari 5.1.7 came in second, blocking 95 per cent of malicious URLs on average, followed by Chrome 25, with a 92 per cent block rate, then the Opera 12 browser (Opera 15 is the latest release), which had an 89 per cent catch rate.