Call 1-888-369-5067 for any computer or network related issue
Users of Internet Explorer (IE) were in no hurry last month to discard older versions, even after Microsoft told them that their browsers will drop off the support list in early 2016.
In a surprise announcement on Aug. 7, Microsoft said that after Jan. 12, 2016, it would support IE9 only on Windows Vista, IE10 only on Windows Server 2012, and only IE11 on Windows 7 and Windows 8.1.
IE7 and IE8 will drop off support completely, but others on certain editions of Windows — like IE10 on Windows 7 — will also get the patch axe.
The browsers will continue working, but Microsoft will halt technical support and stop serving security updates for the banned versions. Because of the large number of critical vulnerabilities Microsoft patches in its browser — 110 in the last three months — it will be extremely risky running an unsupported version.
But Microsoft’s mandate did little to change the user share of the various versions of IE last month as measured by metrics vendor Net Applications.
Microsoft’s asking more than two-thirds of current Internet Explorer users to ditch their browser by January 2016.
IE9 actually gained ground. The browser, which is the newest able to run on Vista, added two-tenths of a percentage point to its user share to average 9.2% for August. But because Vista currently powers just 3% of all Windows computers, a majority of IE9 runs on Windows 7, which must dispense with the 2011 browser in under a year and a half.
IE8 will be an even bigger problem. The browser, which is the default for many of the Windows XP PCs still in operation, also was adopted by large numbers of businesses as the standard for Windows 7. That showed in Net Applications’ statistics: IE8 accounted for 21.4% of all browsers last month, down just two-tenths of a percentage point, and 36.6% of all copies of Internet Explorer.
(The difference between the numbers for all browsers and only IE was because Internet Explorer has a 58.5% share of the browser space, not 100%.)
IE6 and IE7 also declined last month, but by minuscule amounts of two-tenths of a point and less than half of one-tenth of a point, respectively. IE6, although no longer supported on Windows XP, is still patched on Windows Server 2003, which is slated for retirement in July 2015.
IE10 barely moved, too: Its user share dropped by less than one-tenth of a point to 6.2% of all browsers, and to 10.6% of all copies of IE.
The only bright spot was 2013’s IE11, which gained about eight-tenths of a percentage point to average 17.6% of all browsers, 30% of all copies of IE.
By the numbers, Microsoft’s customers will have a very hard time scrubbing out-of-date versions of IE by 2016. If IE8 was to magically disappear — which it will not — it would have to shed 1.3 percentage points each month. That would represent an increase of more than 2,000% from its six-month average decline.
Likewise, IE9 will have to be aggressively suppressed. Even if every copy of Vista runs IE9 — certainly not the case — Windows 7 PCs must increase their IE9 disposal rate by 630% to make the monthly quota towards zero.
Overall, the numbers are daunting: Microsoft has taken the unprecedented step of demanding that nearly 70% of its current IE user base migrate to a newer browser, and do so, for enterprises at least, in a very short time.
Little wonder, then, that Gartner analyst Michael Silver last month said, “This is huge” when asked to characterize Microsoft’s announcement.
Net Applications calculates user share by mining data from the approximately 160 million unique visitors each month who browse to the sites it monitors for customers.
Around 97,000 early testers of the Bugzilla bug tracking software have been warned that their email addresses and encrypted passwords were exposed for three months.
The accidental exposure is the second disclosed by the Mozilla Foundation this month – on 1 August, the organisation revealed that around 76,000 Mozilla Developer Network email addresses and 4,000 hashed and salted passwords had been left on a public-facing server for 30 days.
The new breach started during a server migration, Mark Cote, assistant project lead for Bugzilla, explained.
One of our developers discovered that, starting on about May 4th, 2014, for a period of around 3 months, during the migration of our testing server for test builds of the Bugzilla software, database dump files containing email addresses and encrypted passwords of roughly 97,000 users of the test build were posted on a publicly accessible server. As soon as we became aware, the database dump files were removed from the server immediately, and we’ve modified the testing process to not require database dumps.
We do not know whether or not the leaked database dumps have been picked up by anyone with ill-intent, or whether the passwords were hashed and salted, but Mozilla said it would like to think that developers who use test builds are aware of their insecure nature.
That said, passwords do still get reused. For that reason Mozilla has contacted everyone who is affected by the leak, urging them to change their passwords if they have used them for other additional sites or accounts.
So, if you use the Bugzilla tracking software, you need to change your password right now. And even if you don’t, you can still learn from this incident by ensuring that you don’t use the same password more than once.
We suggest using long non-dictionary passwords made up from a combination of upper and lower case letters, numbers and symbols.
If you have a tough time remembering all your complex passwords you may want to consider using a password manager such as LastPass or KeePass.
Meanwhile Mozilla, which is no stranger to leaking passwords, said it is “deeply sorry for any inconvenience or concern this incident may cause” and is undertaking a review of its data practices in the hope that it will minimize the likelihood of such incidents happening again in the future.