Support for Older Versions of IE Lose Support Tuesday
Posted by: Timothy Weaver on 01/09/2016 11:45 AM [ Comments ]
Next Tuesday will bring the first batch of Microsoft security bulletins for 2016 and it will also herald the end of security support for Internet Explorer versions 8, 9 and 10.
Netmarketshare.com, for example, says that while IE 11 holds more than 25 percent of market share, IE 8, 9 and 10 combined still accounts for more than 20 percent. However, Duo Security, examining traffic moving through their services, put the percentage a bit higher for IE 9 and 10—almost 36 percent—running on Windows 7, 8, or 8.1.
Tripwire security researcher Craig Young said: “In most cases an attacker will need to already have access to a local network or be able to trick users into opening malicious files as part of a successful attack leveraging Windows XP vulnerabilities. The web browser on the other hand is of course used to constantly process data from potentially untrusted sources leaving users exposed to a wide range of attack.”
Michael Hanley, program manager of research and development at Duo Security said: "Attackers have known since the summer of 2014 that Microsoft was dropping support for IE; it’s reasonable to assume that attackers know people are staying on these platforms and will take advantage of the circumstances. We still expect an aggressive effort against IE 8, 9 and 10 going into 2016.”
Businesses with application requirements for older web browsers would be well advised to block browsing from these systems.
Source: ThreatPost
Tripwire security researcher Craig Young said: “In most cases an attacker will need to already have access to a local network or be able to trick users into opening malicious files as part of a successful attack leveraging Windows XP vulnerabilities. The web browser on the other hand is of course used to constantly process data from potentially untrusted sources leaving users exposed to a wide range of attack.”
Michael Hanley, program manager of research and development at Duo Security said: "Attackers have known since the summer of 2014 that Microsoft was dropping support for IE; it’s reasonable to assume that attackers know people are staying on these platforms and will take advantage of the circumstances. We still expect an aggressive effort against IE 8, 9 and 10 going into 2016.”
Businesses with application requirements for older web browsers would be well advised to block browsing from these systems.
Source: ThreatPost
Comments