Pigskin-Referee writes: When it comes to blocking malware, Microsoft's Internet Explorer 9 seems to come out on top, by leaps and bounds, over other browsers.
Tests by NSS Labs to "examine the ability of five different web browsers to protect users from socially-engineered malware" showed that IE9 was able to block this kind of threat 99 percent of the time, beating out Apple Safari 5, Google Chrome 12, Mozilla Firefox 4 and Opera 11.
The closest another Web browser got to that blocking-the-bad stuff rate was Chrome, at a very distant 13.2 percent. At the low end of the blockers was Opera, with a 6.1 percent rate.
NSS also tested socially engineered malware targeted at users in Asia Pacific and in Europe and found IE9 again seemed to blow the others away, with a 95 percent mean block rate in Asia and 92 percent in Europe. Chrome was again second, with a 15.4 percent block rate in Asia being its highest score. Opera again finished last.
Pigskin-Referee writes: WebGL is a new web standard for browsers which aims to bring 3D graphics to any page on the internet. It has recently been enabled by default in Firefox 4 and Google Chrome, and can be turned on in the latest builds of Safari. Context has an ongoing interest in researching new areas affecting the security landscape, especially when it could have a significant impact on our clients. We found that:
A number of serious security issues have been identified with the specification and implementations of WebGL.
These issues can allow an attacker to provide malicious code via a web browser which allows attacks on the GPU and graphics drivers. These attacks on the GPU via WebGL can render the entire machine unusable.
Additionally, there are other dangers with WebGL that put users’ data, privacy and security at risk.
These issues are inherent to the WebGL specification and would require significant architectural changes in order to remediate in the platform design. Fundamentally, WebGL now allows full (Turing Complete) programs from the internet to reach the graphics driver and graphics hardware which operate in what is supposed to be the most protected part of the computer (Kernel Mode).
Browsers that enable WebGL by default put their users at risk to these issues.
Pigskin-Referee writes: Microsoft has released a Windows Media Player HTML5 Extension for Chrome so as to enable H.264-encoded video on HTML5 by using built-in capabilities available on Windows 7. As you may recall, less than two months ago, Microsoft released the HTML5 Extension for Windows Media Player Firefox Plug-in with the same goal in mind. Even though Firefox and Chrome are big competitors to Microsoft's own Internet Explorer, the software giant has decided Windows 7 users should be able to play back H.264 video even if they aren't using IE9.
Here's the current state of HTML5 video: Microsoft and Apple are betting on H.264, while Firefox, Chrome, and Opera are rooting for WebM. Google was actually in favor of both H.264 and WebM up until earlier this month, when the search giant decided to drop H.264 support completely, even though the former is widely used and the latter is not. The company also announced that it would release WebM plugins for Internet Explorer 9 and Safari. Although IE9 supports H.264, excluding all other codecs, Microsoft is making an exception for WebM, as long as the user installs the corresponding codec, and is helping Google ensure the plug-in works properly.