but I had a quick look at it and noticed a couple of things that concerned me about it.

They tested against a list of known suspicious URLs, and the test method seemed NOT to be testing the quality of the browser, but the database the browser accesses over the Internet to see if the website you're going to is listed as a malware site.

I have a major issue with the claim about the level of protection if that's the case, as a LOT of people turn off that site list checking system due to access problems because they do NOT have broadband and it takes up a lot of time on dial-up - rural area issue and I'm in a rural area with many clients out of town. I also have an issue with the MS site list as it will often list a site as suspicious if the owners of that site do not jump through certain hoops for Microsoft. I've often seen MSIE kick a known and trusted site back as being a security issue on a regular basis since they stopped paying Microsoft for security verification services. No malware on the site, but no current MS verification, so it gets a big no-no sign.

I wonder how this test would have come out if they created a new site with some malware and accessed it? I also wonder how it would have come out if they hit the same list of suites with the over the Internet URL checking turned off so the browser was left up to its own internal capabilities and not remote control.

I do know of people who've been hit with malware from site while using MSIE 9 and I've hit the same sites using Fire Fox and had no problems.

Edit to add - did they also test MSIE 9 for the known vulnerabilities in earlier versions of MSIE where it was used to launch into Windows itself? And did they test for the past known vulnerabilities where other MS products were used to launch into MSIE?