Disclaimer

Any opinions expressed here are my own and not necessarily those of my employer (I'm self-employed).

Dec 16, 2011

IE auto-upgrades, plugins next?

Last week the IE team announced that they'll soon start to automatically upgrade IE across Windows 7, XP, and Vista through Windows Update. A follow up from Microsoft's IT pro team details that IE 6 and IE 7 will be upgraded to IE 8 on Windows XP, while Vista and Windows 7 users will get IE 9. With Microsoft joining the herd of auto-upgraders the final pieces of the puzzle start to fall into place, now "everybody" does it. Other major browser manufacturers (Opera, Chrome, and Firefox) have been auto-upgrading their installations for some time already. Apple's Safari now stands out in the crowd and it will be interesting to see whether they'll stick to their current update regime.

For Microsoft, this is yet another important step to kill of IE 6 which still has a considerable user base. Up til now they have been running campaigns urging users to upgrade their browsers. They actually have a website dedicated to kill of the browser, www.ie6countdown.com (I have to point out that Norway is leading the pack, with only 0.2% IE 6 users). Hopefully the automatic upgrades will have a notable impact on the remaining IE 6 installations.

In two earlier posts (one and two) I've advocated silent auto-upgrades as an important strategy to keep Internet users safe by providing them with timely security patches. Recently I came across an interesting study on the effectiveness of different Web browsers update mechanisms. It's definitely worth a read. (*Surprise*, it aligns just fine with my views so I can safely link to it).


The wider implications
The browsers have now set a standard for how widely distributed and connected software should be updated. But how will this affect the rest of the industry? The browser is the basis for surfing the Internet. But many websites will not function as intended unless you install various plugins, with the Flash player at the top of the list. You're surfing the web with a collection of software — and your online security is bound by the weakest link. That's why I believe the browser plugins are next in line, with the two most notable being Adobe's flash player and Oracle's Java runtime. They've been riddled with security flaws the last couple of years so there's a pressing need to keep them up to date as vulnerabilities are patched.

Adobe has taken steps towards a more streamlined update experience for their Flash plugin, but the Java update process still has a long way to go (as I recently ranted about). Let's hope they feel the pressure from the browser manufacturers.

No comments:

Post a Comment

Copyright notice

© André N. Klingsheim and www.dotnetnoob.com, 2009-2015. Unauthorized use and/or duplication of this material without express and written permission from this blog’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to André N. Klingsheim and www.dotnetnoob.com with appropriate and specific direction to the original content.

Read other popular posts