Study: 40% of Internet Users Run Vulnerable Browsers

Published on July 7, 2008 By kryo In Personal Computing

In a new joint study recently released by Google, IBM, and Switzerland, it was found that more than four out of ten web users don't have the latest updates for their browsers of choice, and are likely vulnerable to attacks as a result.

It's probably not too surprising, but in the per-browser breakdowns, Firefox and Safari users do mostly keep up to date (83% and 65% running the latest versions, respectively). What is a bit surprising to me, given that users who opt for alternate browsers tend to be more security-conscious than the general internet populace, is that Opera came out with just over half of its users keeping up with patches. And finally, IE ranked at the bottom with a bit less than half of its users running the latest version, despite automatic updates having been standard on Windows machines for some time.

What about you guys? Are you running the latest version of your browser? If not, why not?

Comments (Page 2)

eieio

on Jul 07, 2008

Between January 2007 and June 2008, less than half of IE users -- 47.6 percent -- were running the most secure browser version during the same time period.

Interesting statement from the article ...'browser version'?

I wonder if that means IE7 vs other IE versions? ... it does seem to suggest that barely over half of IE users have switched to IE7 ....

DarthAsh

on Jul 07, 2008

firefox 3 > all other browsers

Mascrinthus

on Jul 07, 2008

Consider how SSL/TLS is supported in IE 6 and Firefox 2 with the default settings. Firefox 2 by default enables SSLv3 and TLSv1 (I did not see any support for SSLv2) and stupid IE 6 by default enables SSLv2 (least secure) and SSLv3 but disables TLSv1 (most secure)!

All the root CA certificates in IE 6 and Firefox 2 have at least 2048 bit RSA keys except for those from VeriSign (which have only 1024 bit RSA keys). VeriSign is also the braintrust that issued a Microsoft CA to a hacker that called them on the phone. When VeriSign realized their major f***up they revoked the certificate but IE 6 and Firefox 2 by default don't use OCSP to check if the certificate has been revoked (hopefully that cert is now expired)!

vStyler

on Jul 07, 2008

1. It's from Microsoft.
2. It's from Microsoft.
3. There is no 3rd thing.

I'll assume you aren't running windows either then...it being from Microsoft 'n all.

Wizard1956

on Jul 07, 2008

I check updates from MS daily and get what ever is available for my version of Windows and browser.

Ditto, even though I've been using FF since FF3b4. IE7 doesn't see much use anymore.

Basically I don't count on my browser for security, that's why I have a security suite.

Good point.
If browsers were that secure,would we even need most of the other security apps?

Cavan1

on Jul 07, 2008

Cavan1, that's because with IE-Tab, you ARE using IE, it's just rendered within a Firefox window. Just like this Impulse window is doing.

Yep, but no need to open IE.

THanks Cavan1. But still no IE removal...because IE Tab relies on IE.

Should never remove IE as it is part of the OS and will always be required for something or other.

IE Tab on FF runs updates faster, for me, than IE 7 does.

Kitkun

on Jul 07, 2008

FF3 and always updating everything. I don't really open plain ol' IE7 anymore.
Though I've discovered recently that EA.com won't run on any browser for me.

Now I will duck so as not to get hit by people throwing rotten vegtables and stuff.

*throws spoiled meat*

Campaigner

on Jul 08, 2008

Not surprising. So many old people online these days that don't know how to operate a computer. Perhaps some grandchild have told them to decativate the automatic updates. Strange though....

ubernaught

on Jul 08, 2008

40% of Internet Users Run Vulnerable Browsers

Napolean as if anyone could even know that

Jafo

on Jul 08, 2008

It's personal choice. But 3 things make many people stay away from IE:

1. It's from Microsoft.
2. It's from Microsoft.
3. There is no 3rd thing.

....and your Operating System is.....?

Jafo

on Jul 08, 2008

Not surprising. So many old people online these days that don't know how to operate a computer.

Define 'old' ....

Mumblefratz

on Jul 08, 2008

Not surprising. So many old people online these days that don't know how to operate a computer. Perhaps some grandchild have told them to decativate the automatic updates. Strange though....

I doubt the fact that I was designing computers while you were still filling your diaper will have much effect on your opinion. But I can take solace in the fact that in another short 20 years you'll be old too, unless of course you have the decency to die before then.

PurrBall

on Jul 08, 2008

100% of users run a vulnerable browser. We just may not know it yet

Pixeleo

on Jul 08, 2008

....and your Operating System is.....?

Crap.

LightStar

on Jul 08, 2008

I predominantly use FF3, but I also run IE7/8 to check for web site issues on my site, and except for doing a Microsoft Update, thsoe are the only times I use IE.

Welcome Guest! Please take the time to register with us.
There are many great features available to you once you register, including:

Richer content, access to many features that are disabled for guests like commenting on the forums.
Access to a great community, with a massive database of many, many areas of interest.
Access to contests & subscription offers like exclusive emails.
It's simple, and FREE!