Continuing Business Use of IE6 Hinders Security Efforts

Sue Marquette Poremba

Is the average home computer user doing a better job at data security than businesses?


When it comes to browser security, the answer appears to be yes, according to the new Zscaler "State of the Web" security research report. The biggest problem? A high number of companies that continue to use the highly unstable Internet Explorer 6.


Mike Geide, senior security researcher for Zscaler told me:

IE remains the browser of choice for the enterprise environment. Our statistics show that 75 percent of enterprise users use Internet Explorer, and 25 percent of that group still use IE6.

This is despite well-publicized recent attacks on Google and Adobe Acrobat through vulnerability exploits in IE6. But the vulnerable browser remains on office computers largely due to lack of resources and a lack of understanding of the problem. Geide said:

For an enterprise to upgrade and do the audits, it requires time, resources and money. Home users, on the other hand, can do it easily. Also, some people prefer to use IE6 because they are familiar with it and don't understand the security technology behind the other browsers.

Some other findings from the Zscaler report include:

  • Google services (search, Gmail, blogs, groups, etc.) are topping the list of threats that result in malicious software being downloaded and installed without end users' knowledge or consent; this followed by ThePlanet, a large hosting provider with a history of criminal abuse.
  • Mature botnets, such as Monkif, Torpig, Zeus and Koobface, continue to survive and thrive in spite of industry awareness and efforts to thwart them .
  • Big news events throughout the quarter, including the earthquake in Chile, Apple's iPad release and Toyota's massive recall, were efficiently used by attackers for social engineering.

Add Comment      Leave a comment on this blog post
Jun 7, 2010 3:39 AM Amol Bharti Amol Bharti  says:

Well, there is another reason to quit Internet Explorer 6. Checkout the blog "Password Input field, the biggest Security failure"

Best Regards,



Post a comment





(Maximum characters: 1200). You have 1200 characters left.



Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.