well it is nss, microsoft likes paying for reports like these ...

I did not expect IE to rate that high.

Chrome was pretty much what we all expected and it's the browser I use solely.

IE 10 is not among the five browsers with the most market share; as of May 1 -- less than three weeks ago -- IE 10 only had 6% of the market share:  http://news.cnet.com/8301-1023_3-57582279-93/ie-10-doubles-its-share-of-desktop-browser-market/

IE 9 and IE 8 both have much larger market shares, but the 'lab' forgets those basic facts which discredits their report and the lab's report does not consider the versions of IE with greater market share while claiming its testing the browsers with the greatest market share (which, again, is a false claim).

The "browsers" are not IE 8, IE 9, IE 10 etc...the "browsers" are IE, chrome, safari, etc....

IE as a whole is most certainly in the top 5, and as such the research used the best IE browser just as they used the best firefox and best chrome etc...

In any case, WHO CARES?  This is about being secure, and if IE10 is more secure than the other 4 does it really matter whether 6% or 60% use it?

FYI, since the focus is on mobile devices, there is no way IE9 or IE8 would have more market share since they are only for desktops and laptops...

The report specifically stated IE 10 as one of the five most popular browsers, which is an untrue statement ... if they specify version, the version they specify needs to meet their qualifications, which it does not.  It did not test the security of the most popular versions of IE (9 and 8).  That's dishonest.

WHO CARES about integrity in advertisements claiming to be unbiased reports despite failing a cursory examination?  I do for one, as would anyone who cares about valid and accurate information from honest sources.  I don't care what the NSS lab's credentials are ... this report is self-evidently false.  Integrity and honesty are not trademarked logos to slap on something and scream that you have ... they have to actually mean something.

IE has earned a reputation for horrible security, vulnerability worsened by its deep integration into the Windows operating system.  The easily un-verified falsehood I found on the surface of the report establishes that the report is not credible.  Anyone citing or relying on such an easily discredited report are themsevles being dishonest ... this refutation of the report does not prove or disprove that IE 10 is or is not secure, but such an obvious falsehood in the report coupled with Microsoft's renowned history of promising every new iteration of an old product is better, faster, more productive, more secure, etc. which has rung false so many times (yes, I am aware Microsoft is not the only developer guilty of this, but given this report tries to dismiss IE's earned ill-reputation while the report itself presents a false claim as to IE 10's marketplace dominance, for the purpose of this rebuttal its very relevant).

Popularity and honesty are not congruent.  If you are able to convince 99.9% of all computer users with a false report like this that IE is secure, that does not mean IE is actually secure.  No one who buys a Windows computer has an option to not have IE, so even if popularity were a valid measure of security, in the case of IE, its a fraudulently inflated market share that only exists due to ongoing antitrust violations by Microsoft.

there are a few misinterpretations here:

the original report is not about browsers with the most marketshare, it is about "leading" browsers.

the report is not focused on mobile devices. It just briefly mentions "mobile operations" in one of the first paragraphs. they tested the desktop versions.

It's a good test for morons, but if you're not a moron, "socially engineered malware" is shit you'll never get to begin with.  Unless something has changed, IE 10 has terrible ratings against exploits in general, and only becomes a semi secure environment if you cripple functionality with a high security setting.

I'm more interested in how easily the browser gets hijacked, whether that wonderful flash ad can infect me with something, things I don't have to be a complete retard to have a problem with in the first place.  Strange files off the internet are like email attachments from people you don't know, stop running them without checking them out first.

The lab boys aren't really in touch with reality.  Internet Explorer might have a whole bunch of out-of-box blocking capability, but load Firefox up with AdBlock, NoFlash and NoScript and straight away you're protected against a number of cheap tricks.  The strength is in the ability for security to be extended by extensions.

I think the real issue is that a similar study done by Accuvant showed that all browsers were more or less equally competent (or incompetent) at the same thing measured here by NSS...the main difference is that Accuvant used a lot more sites and apps compared to NSS...

It isn't too far fetched to imagine that NSS simply picked websites that IE 10 will block but the other browsers don't...

NSS Labs have been found to create reports to reach criteria and outcomes, which the financier had ask for. They have been doing this for years. Microsoft gets a headline, NSS loses creditability. I treat anything that comes out of NSS with a grain of salt.

Is that really any different from checking/unchecking a few boxes/options in IE?   Either way you are really just talking about 'changing' the browser's defaults.

Well I don't use IE at all, so I don't know if it has the ability to whitelist particular sites.  What that basically means for the NoScript extension is that by default none of the javascript loads unless you have specifically told it that scripts running from a particular domain are okay.