1

Your web browser provides a window onto the Internet, but unless you are timely in updating the client you use then, say researchers with security vendor Kaspersky Lab,that window may be cracked and allow a draft of insecurity to blow through into your network, your computer and your data.

firefoxversions With the majority of online threats coming from the direction of the web, vulnerabilities in web browser clients are increasingly being used in order to infect networks and compromise data integrity. It's why the so called 'zero-day' exploits are so valuable within the cybercriminal community. While zero-days are hard, if not impossible, to defend against the unfortunate truth of the matter is far more people are leaving themselves exposed to attack simply by not keeping their browser clients updated.

Although full version upgrades tend to add a host of new features and improve the functionality of the browser, and as such grab the attention of what you might call the 'lazy updater', the same is not true of minor point upgrades. Yet these minor upgrades are, more often than not, far more important in the overall scheme of things and certainly when it comes to keeping your systems secure. It's the point upgrades that address plug the vulnerability gaps that are uncovered, that provide the enhanced security measures required to keep your data safe.

Using data on browser usage trends from a staggering 10 million randomly selected Kaspersky Security Network customers from various regions across the world, Kaspersky Lab has produced a report that analyses actual usage of web browser software by consumers. At the time of the analysis, across some 700 million launch events, Kaspersky Lab looked at 36 major versions of five web browser clients. The research provided some results that could be filed under 'hardly earth-shattering news' such as the fact that both Internet Explorer and Mozilla Firefox are continuing to lose market share to Google Chrome. However, there were a few more interesting surprises, especially when it comes to the 23% of users who do not have the latest version of a browser client installed.

Kaspersky Lab is quick to point out that this report is based on real usage statistics rather than just collating the user agent IDs seen by web servers to tally the most popular browser clients. Because of the methodology used to get the data for this report, Kaspersky Lab explains that it means users could have an up-to-date version of Google Chrome which they use day to day but equally also have an outdated copy of Internet Explorer installed which keeps a security hole open for potential attackers.

Of the 23% of users with an old version of a browser installed, 14.5% are running the previous version but a further 8.5% have an 'obsolete' client. When a new version of a browser is released, it takes on average a month before most users upgrade to the new client. One interesting statistic, given that users with alternative clients are often thought to be the more technically savvy and therefore most likely to upgrade almost religiously, was that 80.2% of Internet Explorer users had the latest version installed compared to 79.2% of Google Chrome users and just 66.1% of those running Mozilla Firefox. Yet the most notable examples of obsolete browsers are Internet Explorer 6 and 7, with a combined share of 3.9% which represents hundreds of thousands of users worldwide.

Andrey Efremov, Director of Whitelisting and Cloud Infrastructure Research at Kaspersky Lab, says “Our new research paints an alarming picture. While most users make a switch to the most recent browser within a month of the update, there will still be around a quarter of users who have not made the transition. That means millions of potentially vulnerable machines, constantly attacked using new and well-known web-born threats. This is strong evidence of the urgent need for proper security software which is able to react to new threats in a matter of minutes, not days or even weeks.”

You can read the full 'Global Web Browser Usage and Security Trends' report here.

Edited by happygeek: unstuck

As Editorial Director and Managing Analyst with IT Security Thing I am putting more than two decades of consulting experience into providing opinionated insight regarding the security threat landscape for IT security professionals. As an Editorial Fellow with Dennis Publishing, I bring more than two decades of writing experience across the technology industry into publications such as Alphr, IT Pro and (in good old fashioned print) PC Pro. I also write for SC Magazine UK and Infosecurity, as well as The Times and Sunday Times newspapers. Along the way I have been honoured with a Technology Journalist of the Year award, and three Information Security Journalist of the Year awards. Most humbling, though, was the Enigma Award for 'lifetime contribution to IT security journalism' bestowed on me in 2011.

8
Contributors
8
Replies
155
Views
5 Years
Discussion Span
Last Post by MidiMagic
0

Not exactly a revelation, it's a long standing problem here in the UK with government departments and many large orginisations being tied into ridiculous support contracts that require them to use IE6. WinXp is of course still around and being re-installed on a regular basis. Then you have the dJuggler community across the globe all merrily scraping those hard to reach places on the web (the free version of this headless automated browser is hardcoded with an IE6 userAgent )

1

Yes, I had seen that there are people using IE6 Still!. People are not willing to change what they use now. We get many customers daily, and most of their computers are the palace of Virus and Malware. People do not know how to respond when they get a popups from browser. Normally we teah customers how to deal with popups and suspecious site. Many people offen fall down when they see the word "FREE". We educated several customers on this matter. Also, What ever browser we use, We must make sure that our Antivirus software really does what it is supposed to do. I have been using Avast for few years, and I am really satisfied with this. I dont think no ohter antivurs software companies provides a free antivirus like Avast.

IF any visitors are coming to this site who require some help on fixing problem I am ready to support.

Edited by happygeek: Fake sig deleted

0

There are several reasons:

  • Incompatibility with existing add-ons

  • IT departmnents not allowing upgrades (or even updates) until they are security tested internally.

  • Incompatibility with websites used by the user.

  • The upgrade is not free.

0

We use Windows XP! But at our site we are now primarily installing chrome as the default browser. Unfortunately some older software does require the use of IE. So for this software we are forced to use an older browser until the software providers can fully support a newer browser, like chrome - we are stuck :( !

-3

Hi everyone,can you help me.How can Learn I web design and please help anyone.Thank's ur friends.

0

More reasons:

  • Requires a newer version of the operating system, which requires replacing the computer.

  • Requires a newer version of the operating system, which requires giving up software and hardware your work depends on.

  • Requires more disk space, which other upgrades have eaten up.

  • Requires a newer version of the operating system, which requires a stupidphone, because it won't work with a desktop.

Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.