Government Technology

Internet Explorer 6 More Popular Than Newer Versions Despite Outdated Security

February 24, 2010 By

More and more, it seems like the weak links in enterprise security are end-users. But there may be an easy fix: A new report released this week says if organizations want to make their networks more secure, a simple browser update may do the trick.

Roughly half of the organizations analyzed in a study from software-as-a-service provider Zscaler used Internet Explorer 6, according to worldwide Web usage patterns during the last three months of 2009. IE 6 is believed to have more security vulnerabilities than the more recent IE 7 and IE 8.

Zscaler's State of the Web report was released Tuesday, Jan. 23., in which the company analyzed global Web use patterns and malware activity to come up with the findings. Public- and private-sector enterprises were included in the data.

"In a lot of large organizations, especially the Fortune 100, the security teams do understand that there's a serious risk in using old browsers," said Manoj Apte, the company's vice president of product management.

Apte said organizations are often tied to applications that work better with an older browser like IE 6, so a switch to something more current and secure might cause problems. In these cases, a business model may hinge on a piece of technology that leaves the organization vulnerable to infiltration.

"It isn't grandma and grandpa who aren't updating their IE. It's corporations that aren't adopting newer and secure technologies," said Mike Geide, a Zscaler senior researcher.

Many Organizations Using IE 6

The survey research found that 48 percent of enterprises analyzed use IE 6, 46 percent use IE 7, 5 percent use IE 8 and 1 percent use another version. IE 6 doesn't maintain malicious URL and phishing block lists, which is common in all major browsers. More than 70 percent of the enterprises included in the data used some version of IE in October, November and December 2009.

Zscaler also revealed countries that are home to the servers hosting the malware that's plaguing organizations today - the U.S. is home to 80 percent. It's also home to three of the top 10 botnets scouring the Web today. The No. 1 IP address producing malware was from the Ukraine and produced about 44.11 percent of the botnets detected in the fourth quarter of 2009, including some pesky Zeus infections. A Zeus trojan recently infected more than 74,000 PCs around the globe.

The remaining four of the top five IP addresses responsible for many of the successful botnets during the end of 2009 were the United States' at 15.7 percent, the Russian Federation's at 9.8 percent, Sweden's at 8.4 percent and Sweden again, with IP address at 7.0 percent.


| More


Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

In Our Library

White Papers | Exclusives Reports | Webinar Archives | Best Practices and Case Studies
McAfee Enterprise Security Manager and Threat Intelligence Exchange
As a part of the Intel® Security product offering, McAfee® Enterprise Security Manager and McAfee Threat Intelligence Exchange work together to provide organizations with exactly what they need to fight advanced threats. You get the situational awareness, actionable intelligence, and instantaneous speed to immediately identify, respond to, and proactively neutralize threats in just milliseconds.
Better security. Better government.
Powering security at all levels of government with simpler, more connected IT.
Cybersecurity in an "All-IP World" Are You Prepared?
In a recent survey conducted by Public CIO, over 125 respondents shared how they protect their environments from cyber threats and the challenges they see in an all-IP world. Read how your cybersecurity strategies and attitudes compare with your peers.
View All

Featured Papers