It's time to finally drop Internet Explorer 6

Exploit code is now online for the latest zero-day affecting IE, highlighting how important it is to upgrade off of IE6

Symantec's Talbot shared the same concerns "For enterprises, not only is there a cost to purchase software, there is also the cost to deploy and maintain. An enterprise must quality-assure software to ensure the new version meets the current needs and that there are no compatibility issues. They must also allocate IT resources to deploy the update. Then there is also an education component that must be provided for users to address differences between versions and how to handle known compatibility issues."

A Microsoft spokesperson commented via e-mail to say "Microsoft has consistently recommended that consumers upgrade to the latest version of our browser. Internet Explorer 8 offers improvements in speed, security and reliability as well as new features designed for the way people use the web. While we recommend Internet Explorer 8 to all customers, we understand we have a number of corporate customers for whom broad deployment of new technologies across their desktops requires more planning."

I understand that it can be a daunting undertaking to ensure that all commercial software and custom internal applications used by the organization will work properly under a newer Web browser--or find and implement alternate applications that will. Continuing to run IE6, though, is like leaving your car unlocked with the keys in the ignition.

Internet Explorer 8 Wins Against Social-Engineering Attacks

A recent report from NSS Labs illustrates why moving from IE6 (or even IE7) to IE8 should be a priority for IT administrators. It also contradicts the IE-bashing wisdom and shows that IE8 is actually the most secure Web browser when it comes to protecting systems against social networking and Web 2.0 attacks.

Socially-engineered malware attacks--or phishing attacks--pose an increasing risk to organizations. These attacks use social engineering and exploit the trust of the end-user to compromise, steal, or damage sensitive information.

The NSS Labs report claims "53 percent of malware is now delivered via Internet download versus just 12 percent via e-mail according to statistics from Trend Micro. And, according to Microsoft, as many as 0.5 percent of the download requests made through Internet Explorer 8 are malicious."

NSS Labs tested five Web browsers (IE, Firefox, Safari, Chrome, and Opera) over the course of 18 days. Testing was conducted 24x7 during the evaluation period, attacking the browsers with more than 550 socially-engineered malware links.

This was the third time NSS Labs has conducted these Web browser security tests. According to the report, "Over the three tests, Windows Internet Explorer 8 provided the best protection against socially-engineered malware and was the only browser that improved its block rate test-over-test, successfully stopping 69 percent, 81 percent, and 85 percent of threats in each respective test."

Talbot explained that there is nothing magical that makes any Web browser inherently superior to the rest. "Applications and operating systems from any vendor typically don't have anything special in terms of their code that makes them impervious to vulnerabilities and therefore attacks."

"It really comes back to the fact that the more popular software is the more it will be targeted. Thus, if everyone in the world switched to some obscure browser with very little market share, attackers would start targeting it. Attackers go where the money is, and the money is wherever the people are," summed up Talbot.

Tyler Reguly, lead research engineer for nCircle, also responded by e-mail and expressed similar sentiment that the browser itself is not the issue. "The insecurity these days comes from a lack of 'smart browsing' or 'safe browsing'. People are too willing to browse the seedy underbelly of the internet. Many people wouldn't walk down a dark alley and purchase items from a guy sitting in the dark, but they're willing to visit (and purchase from) websites that are the cyber-equivalent."

To sum it up--stop using Internet Explorer 6. You will be doing yourself, your company, and the rest of the world that shares the Web with you a tremendous favor. And, as long as you're upgrading away from IE6, IE8 offers a solid Web browser to switch to.

Other Web browsers such as Firefox or Chrome would also be exceptionally more secure than IE6, however organizations that are used to managing IE through Group Policy and updating it using the tools provided by Microsoft need to consider how supporting and patching alternate browsers will fit into the network infrastructure.

R.I.P. IE6. We knew thee (too) well.

Tony Bradley is co-author of Unified Communications for Dummies. He tweets as @Tony_BradleyPCW. You can follow him on his Facebook page, or contact him by email at tony_bradley@pcworld.com.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags web browsersMicrosoftsecurityInternet Explorer

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Tony Bradley

PC World (US online)
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?