Microsoft Launches Browser Security Website
Microsoft have launched a new website aimed at helping people identify how secure their web browser really is. www.YourBrowserMatters.org will tell visitors in a simple score from 0 to 4 just how secure they are when they go online.
In a blog post today, the company said that 24.4% of all web browsers are outdated and insecure. Of this 15.2% includes Internet Explorer 6 and 7 (it's odd that Microsoft are suddenly now calling IE7 insecure) and 7.5% are older versions of Mozilla Firefox.
In their breakdown by country the USA appears to be the worst offender with just under 22 million computers using insecure browsers. Brazil is second with just over 7 million, France is third with 5 million, the UK has 4.2 million and China has just under 4 million. I'm not completely sure where this fits with Microsoft's IE6 Countdown site which states that more than 25% of all browser usage in China is still IE6.
Microsoft's stats say that this 24.4% equates to around 340 million PCs worldwide. In a statement they said...
With that in mind, we’ve partnered with the Anti-Phishing League, Identity Theft Council, and Online Trust Alliance to raise awareness of the critical role browsers play in online security and make it as easy as possible for people to protect themselves.
The new website itself does more than just give your browser a health rating. There is useful information there on what malware is, with a useful video for the uninitiated. There is also information on what modern browsers do to keep people safe when they're online and also help and advice on how you can stay safer when you're online.
Oddly, what the browser doesn't do is bring the latest version of Internet Explorer front and centre, instead relegating it to a small download button hidden away on the website's last page. This is probably a very good idea given the organisations that Microsoft has formed alliances with for this project.
It is very true that you should always make sure you have the latest and most up to date version of whatever browser you are using, be that Internet Explorer, Chrome, Firefox, Safari or Opera and that you have installed all the latest security and other patches.
It is always good to see when companies try and give the public additional advice too. People can become too reliant on the web browser protecting them from 'everything' and they can then feel they can click around random links with impunity. In fact this is the best way to get your computer infected with malware, or have your identity stolen, and it is the responsibility of every Internet user to remain cautious and vigilant when online.
The Online Trust Alliance say of the project...
“The mission of the Online Trust Alliance is to enhance online trust and confidence. When it comes to online security and privacy, the browser plays an important part in helping to make the internet safer for all users. Since our inception, OTA has been a proponent of improving browser security and getting people to move to more secure platforms...  More must be done to help educate users on the need to move to more modern browsers and we applaud Microsoft’s leadership and collaboration in this important initiative.â€
Martin's take
Your Browser Matters is a new site by Microsoft and partners that aims to make Internet users aware of security in general, and the web browser they use in particular. Some users may decide to ignore the site completely considering that it is maintained by Microsoft, others might want to check it out to see what it is all about and if the points that it tries to make are valid.
When you open the homepage of the informational site in a supported web browser you get a score for that browser right away. The site unfortunately does not support beta versions of web browsers which means that I was only able to get a score for Internet Explorer 9. Neither Firefox Aurora, Google Chrome Dev nor the latest stable Opera version were compatible with the site.
Microsoft's Internet Explorer 9 scores 4 out of 4 points, which obviously is the highest possible score. Ed Bott ran Chrome Stable and Firefox Stable through the test and noticed that the browsers scored 2.5 (Chrome) and 2 (Firefox) respectively.
It all boils down to the test criteria. When you look at all of them in the screenshot below you will notice that Microsoft analyses how the browser handles the following four attack forms: Dangerous downloads, Phishing websites, Attacks on your browser and Attacks on websites.
You will also notice that no browser scores perfectly in all tests. Microsoft's Internet Explorer 9 for instance fails in three of the sixteen tests, Chrome in seven and Firefox even in nine tests.
When you look at the core differences you notice that Microsoft's Internet Explorer is the only browser in the test that passes all dangerous download tests which the company attributes to its SmartScreen technology. Both Firefox and Chrome fail in the tests.
All browsers pass the phishing websites tests. The attacks on your browser group of tests is divided into securing extensions and effective sandbox. Internet Explorer is the only browser according to Microsoft with the ability to restrict extensions and plugins on a per-site basis. The browser also passes the "benefits from Windows operating system features that protect against structured exception handling overwrite attacks" test where the two others fail.
Chrome on the other hand is the only browser in the list that passes the sandbox test.
Internet Explorer passes four of five tests of the attacks on websites test. It is the only browser that can automatically block insecure content from https pages and to sanitize HTML to remove potentially problematic code.
The question at this point is obviously if the tests are biased towards Internet Explorer by leaving out tests that might not be as favorable.
I can list a few missing tests without really thinking much about it, for instance:
- Is the browser protecting the user from third party extension or plugin installations?
- Does the browser warn the user of outdated plugins?
- Can users disable security related features, like JavaScript on a per site basis.
- Does the browser support different user profiles?
What I like about the site in general is that it offers information that educate users. The prevention tab for instance lists basic but important security information on one page.
Security is obviously only one feature when users pick a favorite browser that they use most of the time. There are other features like speed, extensions support or general compatibility with web standards that can make a difference.
What's your take on Your Browser Matters? Is Microsoft making a valid point here or is this just marketing mumbo-jumbo?
Before you answer note that that Internet Explorer 6 scores 0 of 4 points and Internet Explorer 7 1 out of 4.
Update: The website is being redirected to the The Beauty of the web website which does not display the information anymore that is mentioned above.
Advertisement
Are these articles AI generated?
Now the duplicates are more obvious.
This is below AI generated crap. It is copy of Microsoft Help website article without any relevant supporting text. Anyway you can find this information on many pages.
Yes, but why post the exact same article under a different title twice on the same day (19 march 2023), by two different writers?
1.) Excel Keyboard Shortcuts by Trevor Monteiro.
2.) 70+ Excel Keyboard Shortcuts for Windows by Priyanka Monteiro
Why oh why?
Yeah. Tell me more about “Priyanka Monteiro”. I’m dying to know. Indian-Portuguese bot ?
Probably they will announce that the taskbar will be placed at top, right or left, at your will.
Special event by they is a special crap for us.
If it’s Microsoft, don’t buy it.
Better brands at better prices elsewhere.
All new articles have zero count comments. :S
WTF? So, If I add one photo to 5 albums, will it count 5x on my storage?
It does not make any sense… on google photos, we can add photo to multiple albums, and it does not generate any additional space usage
I have O365 until end of this year, mostly for onedrive and probably will jump into google one
Photo storage must be kept free because customers chose gadgets just for photos and photos only.
What a nonsense. Does it mean that albums are de facto folders with copies of our pictures?
Sounds exactly like the poor coding Microsoft is known for in non-critical areas i.e. non Windows Core/Office Core.
I imagine a manager gave an employee the task to create the album feature with hardly any time so they just copied the folder feature with some cosmetic changes.
And now that they discovered what poor management results in do they go back and do the album feature properly?
Nope, just charge the customer twice.
Sounds like a go-getter that needs to be promoted for increasing sales and managing underlings “efficiently”, said the next layer of middle management.
When will those comments get fixed? Was every editor here replaced by AI and no one even works on this site?
Instead of a software company, Microsoft is now a fraud company.
For me this is proof that Microsoft has a back-door option into all accounts in their cloud.
quote “…… as the MSA key allowed the hacker group access to virtually any cloud account at Microsoft…..”
unquote
so this MSA key which is available to MS officers can give access to all accounts in MS cloud.This is the backdoor that MS has into the cloud accounts. Lucky I never got any relevant files of mine in their (MS) cloud.
>”Now You: what is your theory?”
That someone handed an employee a briefcase full of cash and the employee allowed them access to all their accounts and systems.
Anything that requires 5-10 different coincidences to happen is highly unlikely. Occam’s razor.
Good reason to never login to your precious machine with a Microsoft a/c a.k.a. as the cloud.
The GAFAM are always very careless about our software automatically sending to them telemetry and crash dumps in our backs. It’s a reminder not to send them anything when it’s possible to opt out, and not to opt in, considering what they may contain. And there is irony in this carelessness biting them back, even if in that case they show that they are much more cautious when it’s their own data that is at stake.