It's time to finally drop Internet Explorer 6

Exploit code is now online for the latest zero-day affecting IE, highlighting how important it is to upgrade off of IE6

A security researcher has published exploit code for the latest Internet Explorer zero-day flaw on the Web and Microsoft is warning that more attacks against the unpatched vulnerability can be expected in-the-wild. One thing seems to be more apparent with each passing Internet Explorer (IE) vulnerability: its time to upgrade the Web browser.

This zero-day exploit of Internet Explorer is just the most recent demonstrating that IE8 is more secure than its predecessors--especially IE6. Security aside, Web hosts and developers generally despise IE6 as well. For evidence of this fact you need look no further than the extensive list of supporters displayed on the IE6nomore.com site.

IE6 is Note Secure

Wolfgang Kandek, CTO of Qualys, noted via email "IE6 is a 10-year old browser, with its architecture designed when the Internet was a much more innocent place. IE8 has many additional security features and had the Microsoft SDL [Security Development Lifecycle] applied throughout. Its CSS and JavaScript support are much better than IE6, or even IE7, and it is a much more robust interface for the new Web 2.0 type applications."

Joshua Talbot, Security Intelligence Manager, Symantec Security Response agreed "IE 6 does not have the security features implemented in later versions of IE; for example, Data Execution Prevention (DEP) and Protected Mode. DEP makes it more difficult for attackers to successful exploit memory corruption vulnerabilities, while Protected Mode limits what an attacker can do if they are able to gain control of the IE process."

This is the part where many readers stop reading and jump over to the comments to express their opinion--sometimes quite passionately--that everyone should just stop using Internet Explorer completely and that anyone who chooses to continue using IE as their Web browser deserves the issues and security concerns that come with it.

Judging from the Web browser market share trends, there are many who subscribe to the "drop Internet Explorer" mantra. Microsoft has seen steady--although minute--declines in market share month after month, while rival Web browsers such as Firefox and Chrome continue to make gains. Still, Microsoft holds a dominant stake at almost 62 percent--more than double the share held by second-place Firefox.

If you drill a little deeper in the browser market share data, though, you will find that not only is Internet Explorer the number one browser, but IE8 specifically is at the top of the list with more than 22 percent of the browser market. Not too shabby for a browser that will celebrate its one-year anniversary next week.

What is concerning is that the number two browser is the nine year old IE6 at almost 20 percent of the market. Although IE7 has been available for almost four years, it is the number four browser, coming in behind Firefox 3.5 with a meager 13.57 percent.

Wean Off of IE6

IE6 is simply not secure and businesses and IT administrators should make it a priority to upgrade the Web browser as soon as possible. The Web is a major vector for cyber attacks and the Web browser is the Achilles heel that makes organizations vulnerable and creates the weakest link in the security chain.

Of course, it's not quite that easy. Many organizations that still rely on IE6 would like to make the switch to IE8 but can't. Kandek explained "In the corporate environment, software is managed, and IE6 or IE7 are part of the initial, approved build that works on all internal applications. Requalifying that build against all internal applications is a large effort that many companies do not have resources for."

"If they do, they might find applications that specifically use IE6 features that are incompatible with other browsers. Recently one of our larger customers told me that they had dozens of applications that do not run under IE8," continued Kandek.

Join the PC World newsletter!

Error: Please check your email address.

Tags web browserssecurityMicrosoftInternet Explorer

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Tony Bradley

PC World (US online)

Most Popular Reviews

Follow Us

Best Deals on GoodGearGuide

Shopping.com

Latest News Articles

Resources

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Latest Jobs

Shopping.com

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?