Study: 40% of Internet Users Run Vulnerable Browsers

July 7, 2008 2:27 PM from

In a new joint study recently released by Google, IBM, and Switzerland, it was found that more than four out of ten web users don't have the latest updates for their browsers of choice, and are likely vulnerable to attacks as a result.

It's probably not too surprising, but in the per-browser breakdowns, Firefox and Safari users do mostly keep up to date (83% and 65% running the latest versions, respectively). What is a bit surprising to me, given that users who opt for alternate browsers tend to be more security-conscious than the general internet populace, is that Opera came out with just over half of its users keeping up with patches. And finally, IE ranked at the bottom with a bit less than half of its users running the latest version, despite automatic updates having been standard on Windows machines for some time.

What about you guys? Are you running the latest version of your browser? If not, why not? [more]

99,790 views 40 replies

Reply #1 July 7, 2008 3:04 PM from

Stardock Forums Top

A small history of security concerns:

Opera 7: http://secunia.com/product/761/

Opera 8: http://secunia.com/product/4932/

Opera 9: http://secunia.com/product/10615/

Firefox 2: http://secunia.com/product/12434/

Firefox 3: http://secunia.com/product/19089/

I do run the latest version of Opera. In fact I don't see how you could not - if you're using Opera to browse the net, you're connected to the internet and you'll get an update reminder from Opera on-screen when you start the program.

The only reason I could think if that anyone would not get that reminder would be if they, say, never had to restart their browser?

Reply #2 July 7, 2008 3:11 PM from

WinCustomize Forums Top

I use IE7, in fact IE is the only browser that I run. I check updates from MS daily and get what ever is available for my version of Windows and browser. Why wouldn't you?

I will get IE8 when it is ready for the general public.

Now I will duck so as not to get hit by people throwing rotten vegtables and stuff.

Reply #3 July 7, 2008 3:23 PM from

WinCustomize Forums Top

Now I will duck so as not to get hit by people throwing rotten vegtables and stuff.

There's nothing wrong with actually running IE.
It's personal choice. But 3 things make many people stay away from IE:

1. It's from Microsoft.
2. It's from Microsoft.
3. There is no 3rd thing.

Personally, I use Firefox...the latest version of course. It's configured to automatically update, and it does that easily. As for security concerns, you can always enhance your browser's security using a third party internet security app. All I use IE for is updates for Windows. If I could do that with Firefox, it's bye bye, IE.

Reply #4 July 7, 2008 3:37 PM from

Stardock Forums Top

I use firefox and when it comes to updates I update everything on my computer whether its good for me or not

Reply #5 July 7, 2008 3:40 PM from

WinCustomize Forums Top

All I use IE for is updates for Windows. If I could do that with Firefox, it's bye bye, IE.

Hey Pixeleo, with IE Tab extension, Microsoft update runs perfectly in Firefox 3.

WWW Link

Reply #6 July 7, 2008 3:53 PM from

Stardock Forums Top

It's probably due to all the old fogies running windows 2000 and ie6.

Reply #7 July 7, 2008 4:00 PM from

Stardock Forums Top

Cavan1, that's because with IE-Tab, you ARE using IE, it's just rendered within a Firefox window. Just like this Impulse window is doing.

Reply #8 July 7, 2008 4:52 PM from

WinCustomize Forums Top

I use opera, always latest version.

Reply #9 July 7, 2008 5:03 PM from

Sins Forums Top

I mainly use Firefox, and occasionally use Opera for a change.

Reply #10 July 7, 2008 5:07 PM from

GalCiv2 Forums Top

It's personal choice. But 3 things make many people stay away from IE:

1. It's from Microsoft.
2. It's from Microsoft.
3. There is no 3rd thing.

While I agree wholeheartedly with the above the problem is that it's on my machine no matter what I do. In that case I may as well use it unless there's some compelling reason not to and I really haven't seen one other than the above.

As far as automatic updates I disable those and don't allow anything to run automatically on my machine. Basically I don't count on my browser for security, that's why I have a security suite. If merely keeping your browser close to up to date was sufficient then perhaps I would, but it's not so why bother.

Reply #11 July 7, 2008 5:07 PM from

WinCustomize Forums Top

THanks Cavan1. But still no IE removal...because IE Tab relies on IE.

Maybe I'll delete all the shortcuts, and pretend that it never insisted

Reply #12 July 7, 2008 5:12 PM from

Sins Forums Top

FireFox 3 FTW

Reply #13 July 7, 2008 5:20 PM from

Sins Forums Top

Mostly Firefox for me, with the occasional use of Opera. Both fully updated. (And I guess I'm an 'old fogey' age wise, although I don't run Windows 2000. XP for me.

)

Reply #14 July 7, 2008 5:38 PM from

WinCustomize Forums Top

and pretend that it never insisted

I meant existed

Reply #15 July 7, 2008 6:09 PM from

GalCiv2 Forums Top

I use FF3, and IMO, it's the best browser out there now. I have a widescreen monitor, so I especially like the page zoom function. It even zooms images, and very cleanly also. It does have it's little annoyances, but these are usually easy to fix. I just discovered another one. If you hate the "Downloads Complete" alert as much as I do, there is a way to stop it via a hidden setting. Type "about:config" into the location bar. Scroll down to "browser.download.manager.showAlertOnComplete", and set the value to "false". Problem solved. This was endlessly annoying, especially when using Object Dock, since it covers it up and takes seemingly forever to go away.

Reply #16 July 7, 2008 7:49 PM from

WinCustomize Forums Top

Between January 2007 and June 2008, less than half of IE users -- 47.6 percent -- were running the most secure browser version during the same time period.

Interesting statement from the article ...'browser version'?

I wonder if that means IE7 vs other IE versions? ... it does seem to suggest that barely over half of IE users have switched to IE7 .... :NOTSURE:

Reply #17 July 7, 2008 8:28 PM from

Sins Forums Top

firefox 3 > all other browsers

Reply #18 July 7, 2008 8:41 PM from

GalCiv2 Forums Top

Consider how SSL/TLS is supported in IE 6 and Firefox 2 with the default settings. Firefox 2 by default enables SSLv3 and TLSv1 (I did not see any support for SSLv2) and stupid IE 6 by default enables SSLv2 (least secure) and SSLv3 but disables TLSv1 (most secure)!

All the root CA certificates in IE 6 and Firefox 2 have at least 2048 bit RSA keys except for those from VeriSign (which have only 1024 bit RSA keys). VeriSign is also the braintrust that issued a Microsoft CA to a hacker that called them on the phone. When VeriSign realized their major f***up they revoked the certificate but IE 6 and Firefox 2 by default don't use OCSP to check if the certificate has been revoked (hopefully that cert is now expired)!

Reply #19 July 7, 2008 8:51 PM from

WinCustomize Forums Top

1. It's from Microsoft.
2. It's from Microsoft.
3. There is no 3rd thing.

I'll assume you aren't running windows either then...it being from Microsoft 'n all.

Reply #20 July 7, 2008 9:04 PM from

WinCustomize Forums Top

I check updates from MS daily and get what ever is available for my version of Windows and browser.

Ditto, even though I've been using FF since FF3b4. IE7 doesn't see much use anymore.

Basically I don't count on my browser for security, that's why I have a security suite.

Good point.
If browsers were that secure,would we even need most of the other security apps?

Reply #21 July 7, 2008 9:12 PM from

WinCustomize Forums Top

Cavan1, that's because with IE-Tab, you ARE using IE, it's just rendered within a Firefox window. Just like this Impulse window is doing.

Yep, but no need to open IE.

THanks Cavan1. But still no IE removal...because IE Tab relies on IE.

Should never remove IE as it is part of the OS and will always be required for something or other.

IE Tab on FF runs updates faster, for me, than IE 7 does.

Reply #22 July 7, 2008 10:38 PM from

Sins Forums Top

FF3 and always updating everything. I don't really open plain ol' IE7 anymore.
Though I've discovered recently that EA.com won't run on any browser for me.

Now I will duck so as not to get hit by people throwing rotten vegtables and stuff.

*throws spoiled meat*

Reply #23 July 8, 2008 4:18 AM from

GalCiv2 Forums Top

Not surprising. So many old people online these days that don't know how to operate a computer. Perhaps some grandchild have told them to decativate the automatic updates. Strange though....

Reply #24 July 8, 2008 4:53 AM from

GalCiv2 Forums Top

40% of Internet Users Run Vulnerable Browsers

Napolean as if anyone could even know that

Reply #25 July 8, 2008 10:08 AM from

WinCustomize Forums Top

It's personal choice. But 3 things make many people stay away from IE:

1. It's from Microsoft.
2. It's from Microsoft.
3. There is no 3rd thing.

....and your Operating System is.....?

Welcome Guest! Please take the time to register with us.

Richer content, access to many features that are disabled for guests like commenting and posting on the forums.
Access to a great community, with a massive database of many, many areas of interest.
Access to contests & subscription offers like exclusive emails.
It's simple, and FREE!