Friday, January 08, 2016

Microsoft Officially Drops Security Support For Internet Explorer 8, 9, 10

 All good things (or bad depending on your point of view) must come to end and right? This week we will see Microsoft's long planned end of support for older versions of Internet Explorer, meaning that much like users of the company's older operating systems that have been retired, users of the older version of the Internet Explored browser will no longer receive security updates for any un-patched flaws or exploits!

We are at yet another  Microsoft-imposed deadline, which heralds the end of support for outdated software. Next Tuesday will bring the first batch of Microsoft security bulletins for 2016 and it will also mark the end of security support for Internet Explorer versions 8, 9 and 10. Microsoft made the call almost 18 months ago, giving all of their customers and businesses ample time to prepare for the day when those versions of IE, battered by zero-days, exploit kits and targeted attacks, should be retired.

In reality, however, many users out there are either unwilling or unable to comply with these deadlines. This does not mean that we shouldn't take notice and shouldn't take Tuesday’s deadline seriously. In fact even if you aren't using IE on your own machine you should still be aware of the risks as they may potentially put businesses at risks and therefore may put your own personal data at risk as well!

Statistics from a number of sources show us that there is still a significant percentage of web traffic moving through IE., for example, says that while IE 11 holds more than 25 percent of market share, IE 8, 9 and 10 combined still account for more than 20 percent. Researchers at Duo Security, examining traffic moving through their services, put the percentage a bit higher for IE 9 and 10—almost 36 percent—running on Windows 7, 8, or 8.1.

Given that browsers historically offer hackers a much juicier attack surface than operating systems, folks may want to take Tuesday’s deadline seriously.

“In most cases an attacker will need to already have access to a local network or be able to trick users into opening malicious files as part of a successful attack leveraging Windows XP vulnerabilities,” said Tripwire security researcher Craig Young. “The web browser on the other hand is of course used to constantly process data from potentially untrusted sources leaving users exposed to a wide range of attack.”

Microsoft warns IE users that without action, after January 12, 2016, they will no longer provide security updates or technical support for older versions of Internet Explorer. Noting that security updates patch vulnerabilities that may be exploited by malware, helping to keep users and their data safer. Regular security updates help protect computers from malicious attacks, so upgrading and staying current is important.

For full details on the end of life cycle of Internet Explore and how you can update and protect  own system you can read the Windows lifecycle FAQ sheet to learn more. If you have not yet updated to Internet Explorer you can do so via the Windows Update portion of the control panel or via Microsoft's Download Site.

No comments:

Post a Comment

All comments will be moderate for content, please be patient as your comment will appear as soon as it has been reviewed.

Thank you