BLOG: The death knell for IE6 and what it means for everyone (yep even you!)

223px-Internet_Explorer_10_logo.svgThe recent Talk Talk breach thrust online security back into the headlines, and with Microsoft limiting their support of older versions of Internet Explorer from January, Unicorn IT Director Stuart Jones explains why always having the latest version of your browser has never been more important.

Nothing causes more effort and bigger constraints and frustrations for website designers or developers than supporting old web browsers.

For a few years Internet Explorer 6 (aka IE6) was pretty helpful to designers as it became a de facto standard while other browsers fell by the wayside. It wasn’t very compliant with technology standards but many websites and business systems were built against its non-standard way of working.

As the world moved on, and Microsoft attempted to make future versions of IE better support industry standards, it left many people dependent on the quirks of IE6 and it has taken years for organisations to upgrade to version 7 or 8, by which time Microsoft are now on version 11 and moving beyond!

In the meantime other web browsers and devices, such as Mozilla Firefox, Google Chrome and Apple Safari, have become much more common, especially on mobile devices.

55-h_main-w

There has also been a key strategic shift – these so-called ‘modern browsers’ are only supported in their latest versions by their respective vendors. They automatically update and you might not even realise they have. The likes of Firefox and Chrome are already on version 45 plus, but the average user wouldn’t have known it was even happening.

The huge benefit to users is they get to experience the internet as it evolves rather than being stuck somewhere 10 years ago. This is important when you think about ‘Internet Years’, where the world online seems to move much quicker than traditional bricks and mortar businesses as technology evolves.

But recently it has become significantly more important than even that.

Are you secure?

Some of the security built into older browsers isn’t considered robust and secure enough for the modern world. Computers are getting faster and more powerful so the encryption built into the likes of IE6 is just not considered safe from exploitation any more.

In the industry there have been many countdowns to the final declaration of death for IE6 but it finally took an exploitable security vulnerability in SSLv3 – the protocol designed to keep your web page connections secure – that proved to be the final death-knell.

qualys-client-test-vulnerable

As websites stopped support for SSLv3 they pretty much blocked IE6 traffic unless the browser was reconfigured to use the newer TLS 1.0 protocol. But let’s face it, if you were technical enough to know what all that meant then you had probably already upgraded your browser.

For companies still running IE6 this should have been a major wake-up call to their vulnerability. Even TLS 1.0 isn’t considered best practice anymore and is already superseded by later protocol versions, which are not supported in older web browsers.

New dawn

From January 2016, Microsoft are moving to the model adopted by its rivals of only providing support for the latest versions of those browsers available on the versions of Windows operating systems they still support. For the vast majority of us on Windows 7 or later that will mean from January Microsoft will only be supporting Internet Explorer 11 or later when released.

If you are unlucky enough to be stuck on Windows Vista you can only go as far as Internet Explorer 9 anyway – Microsoft will continue to support IE9 on Windows Vista until they stop supporting Vista.

500_F_89893016_nz2qtlOtT9K4aUmtjKBH60eBEBACu7aXBasically if your company is running an older version of Internet Explorer, such as IE7, 8, 9 or 10, from January you will no longer get security updates from Microsoft.

Whilst this won’t make you immediately insecure it will mean as soon as a vulnerability is found, the only way to resolve it will be to upgrade to whatever the latest version is at that time. That will be a case of needing to upgrade within weeks not months most likely if you haven’t already.

The good news for everyone, now you’ve been scared into upgrading, is by moving to the modern versions of browsers your internet experience will improve – significantly.

Newer browsers are much faster than their older cousins as there have been big improvements to web page rendering and the underlying programming engines. They are more robust and provide better standards compliance.

This means people developing websites spend less time trying to solve browser specific issues and more time improving their product and user experience. It means you take advantage of modern browser features such as embedded video without the woefully insecure and brittle Flash plug-in and get to experience drag and drop file uploads amongst many features.

In addition you will be safe in the comfort that, in the background, browser vendors are making your online experience more secure. Your online life will be improved by being on your browser’s latest version, and so will ours!

*SkillsServe no longer officially supports IE6 and we are phasing out IE7 and 8 support by the end of 2016 at the latest, or sooner if everyone does the right thing and upgrades. Please speak to your IT team and find out your organisation’s upgrade plans and share with your Unicorn relationship manager.

One response to “BLOG: The death knell for IE6 and what it means for everyone (yep even you!)”

  1. virtual mall cs-cart.com says :

    Great solution, thank you for an excellent article.

What do you think?

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s