Drop Dead Internet Explorer 6/7/8/9 : Microsoft to stop supporting older version of Internet Explorer effective January 2016
Even though Internet Explorer (IE) is currently in its 11th version, there are many computer users who are still using older version of IE. According to NetMarketShare, nearly one percent of total web browser users are still using IE 6.0, which is a gigantic number considering it was released nearly 14 years ago. In April 2014, Microsoft withdrew extended support on XP and will also be withdrawing support for Server 2003 in July this year.
Although a small percentage, it's still a symbolic number of users who are using unsupported version of browser, which are expected to be joined soon by many more. ComputerWorld last month reported that a whopping 60 percent of IE users are currently using browser versions that will become outdated within less than a year.
This is because Microsoft wanted to end some of the turmoil, disorientation and security nightmares caused by all the different versions of the browser. Therefore, it announced almost a year ago that effective January 1, 2016, the company will be supporting only the most recent version of IE, which is available for each operating system.
How do you translate that in practical terms? IE 9 will be supported only on Windows Vista and Server 2008, and IE 10 will be supported only on Windows Server 2012. In the event, you are using a later operating system (Windows 7 or 8.1, or Windows Server 2008 R2 or 2012 R2), you will have to upgrade it to IE 11, in order to continue to get updates. No more support will be available for version of IE 6,7 or 8 on any OS.
With the end of support, the outdated versions of IE will not suddenly cease to work. You will still be able to use the older browsers along with all its functions; however, it is advisable that you should not. By using the older version, you risk more by missing out on the latest and greatest feature set of the newer versions. Further, you are risking your entire system of malware and cyber attacks. End of support would basically mean no more security patches.
One has only to look at the number of susceptibilities that are regularly fixed whenever Microsoft issues a cumulative update for Internet Explorer (which is part of most Patch Tuesday releases) to realize that regular patching for your web browser is very important. For instance, the March's IE cumulative update addressed 12 different vulnerabilities, the April update addressed 10, and so forth. The IE update usually has one or more fixes that are for susceptibilities rated critical.
A fully patched web browser does not relieve you of the security concerns. Today, web browsers are a common goal of zero day attacks, for which there are no updates available. However, updating your browser is one of the most important parts of reducing the risk. Another aspect is user education as too many browser misuse require user interaction and are achieved through social engineering strategy.
The important factor is to make the users upgrade their web browsers and operating systems, in order to get rid of their old browsers. The browser and OS are very complicatedly intertwined, especially in the case of Internet Explorer. The new operating systems in built security mechanisms that helps to protect against browser-based dangers, a feature that was included in the older operating systems.
Windows 10, the next version of the Windows client operating system, will have a brand new web browser (currently known as Project Spartan) which is speculated to be set as the default browser (IE 11 will also be included for compatibility purposes). We know that Spartan will be a more simple (aka “minimalist”) browser, which, in other words, could mean a smaller attack surface. Not much has been written about Spartan’s security features, although it is said that it will support HTTP Strict Transport Security, which would tell the browser to always use SSL when visiting specific websites. Spartan also seems will not support ActiveX plug-ins – which comprises a vector for many exploits.
Spartan is reportedly said to run only on Windows 10. In order to get Spartan, you will have to upgrade the OS, which is unlike Microsoft’s normal practice of releasing versions for some of its older operating systems when it comes out with a new version of IE. However, the good news is that the upgradation to Windows 10 will be free for the ones using Windows 7 and Windows 8/8.1 versions of IE, for the first year after it’s released.
Enterprises looking to upgrade to the latest and most safe web browser is just good news for their business. Expensive down time, loss of mission-critical data and in many cases damage to a company’s image and loss of current customers and future business, which are a result of malware and other cyber attacks. According to the study conducted by the Ponemon Institute, 55 percent of malicious software attacks were achieved by exploiting web browser susceptibilities, while more than 75 percent of enterprises were infected with malware through insecure web browsers.
To sum up, Microsoft has made a clever move by withdrawing support for older browsers versions that cannot be properly secured. It is now left to the individuals and organizations to follow Microsoft’s point and make their own clever move to upgrade their browsers and/or operating systems.