SitePoint Sponsor

User Tag List

Results 1 to 8 of 8
  1. #1
    Design Addict helix7's Avatar
    Join Date
    Oct 2004
    Location
    New Jersey
    Posts
    440
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Microsoft advises upgrades from IE6, IE7

    They're still officially supporting IE6, but now also advising that people upgrade.

    With whole countries now recommending to their citizens that they avoid all Microsoft browser versions, and now this upgrade recommendation straight from the source, is it safe to say that web developers can drop support for IE6 as well?

    A lot of big companies still use IE6 and IE7, but I'm wondering if this new stance on old IE versions will finally give web devs a leg to stand on in the "how old of a browser should our new product support" argument.

  2. #2
    Programming Since 1978 silver trophybronze trophy felgall's Avatar
    Join Date
    Sep 2005
    Location
    Sydney, NSW, Australia
    Posts
    16,871
    Mentioned
    25 Post(s)
    Tagged
    1 Thread(s)
    Some security companies (eg. McAfee) are arguing that the recent security breaches involving Google, Adobe, etc that originated in China are due to a security hole present in all versions of IE and that therefore everyone should stop using IE.

    Microsoft have argued that it is only IE6 that has that security hole and so that is the only version to avoid using.

    At least it means that Microsoft is now once again advising people to upgrade from IE6. They did try that once before though when they set up their automatic upgrade to automatically upgrade everyone from IE6 to IE7 soon after the IE7 release. That didn't stop there being lots of complaints because of all the intranet sites that only work on IE6 though.

    It could result in more companies limiting IE6 access to their intranet and installing an alternate browser for internet use but it does mean that companies with a Microsoft software only policy would need to rethink that policy in order to resolve this security issue.
    Stephen J Chapman

    javascriptexample.net, Book Reviews, follow me on Twitter
    HTML Help, CSS Help, JavaScript Help, PHP/mySQL Help, blog
    <input name="html5" type="text" required pattern="^$">

  3. #3
    From space with love silver trophy
    SpacePhoenix's Avatar
    Join Date
    May 2007
    Location
    Poole, UK
    Posts
    5,077
    Mentioned
    103 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by felgall View Post
    It could result in more companies limiting IE6 access to their intranet and installing an alternate browser for internet use but it does mean that companies with a Microsoft software only policy would need to rethink that policy in order to resolve this security issue.
    Or another possibility companies will really limit who, and on what computers the Internet can be accessed from.
    Community Team Advisor
    Forum Guidelines: Posting FAQ Signatures FAQ Self Promotion FAQ
    Help the Mods: What's Fluff? Report Fluff/Spam to a Moderator

  4. #4
    Follow Me On Twitter: @djg gold trophysilver trophybronze trophy Dan Grossman's Avatar
    Join Date
    Aug 2000
    Location
    Philadephia, PA
    Posts
    20,578
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by felgall View Post
    Microsoft have argued that it is only IE6 that has that security hole and so that is the only version to avoid using.
    The security advisory from Microsoft stated that the vulnerability is in all 3 versions. The advisory acknowledged Google, Adobe and McAfee for providing the details of the vulnerability -- this was a joint disclosure published all on the same date.

    Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, and Internet Explorer 6, Internet Explorer 7 and Internet Explorer 8 on supported editions of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 are vulnerable.
    http://www.microsoft.com/technet/sec...ry/979352.mspx

    The reason Microsoft can advise people to upgrade from IE6 even when IE7 and IE8 also have the vulnerability is that newer versions of Internet Explorer and of Windows allow you to do less with a bug like this. Yes you can still abuse the pointer to get code to run, but with DEP and Protected Mode, that code has limited access to the system to do anything malicious. With IE6 on XP, if the user account that ran Internet Explorer is an administrator, the bug is much more serious.

  5. #5
    Follow: @AlexDawsonUK silver trophybronze trophy AlexDawson's Avatar
    Join Date
    Feb 2009
    Location
    England, UK
    Posts
    8,111
    Mentioned
    0 Post(s)
    Tagged
    1 Thread(s)
    Quote Originally Posted by helix7 View Post
    With whole countries now recommending to their citizens that they avoid all Microsoft browser versions, and now this upgrade recommendation straight from the source, is it safe to say that web developers can drop support for IE6 as well?
    This is very easy to answer, no we can't drop support for IE6, as long as people still use it, we have to ensure support for those users (against our best wishes). There isn't enough widespread support for ditching support for the product officially, therefore we have neither the public backing or the development community to back any effort to shed the browser the mortal coil. Only if all the IE6 users dry up OR if the W3C officially backs a deprecation message in which the worlds developers cease support for the IE6 browser would it be deemed a suitable time to simply dump all support for the browser. And neither will happen any time soon, the news is just replicating what we have known for years. I would personally like to see the W3C (along with Microsoft) officially deprecate the user-agent's support and advise developers to dump primordial browsers (sort of an age cut-off), perhaps then we could have an excuse to en-mass stop it and tell everyone to upgrade.

  6. #6
    Mazel tov! bronze trophy kohoutek's Avatar
    Join Date
    Aug 2004
    Location
    Hamburg, Germany
    Posts
    4,248
    Mentioned
    30 Post(s)
    Tagged
    0 Thread(s)
    I agree with Alex. As beautiful as it would be to drop support for IE6, now is not the time. At least not for sites I create for my customers. I would only ever dare dropping IE6 support for my own blog, if I had one.

    Even my portfolio has full IE6 support. Why? Because many potential clients visit my site with IE6 and I certainly don't want to leave them with the impression I can't make websites, since that is my bread and butter.
    Maleika E. A. | Rockatee | Twitter | Dribbble



  7. #7
    ☆★☆★ silver trophy vgarcia's Avatar
    Join Date
    Jan 2002
    Location
    in transition
    Posts
    21,235
    Mentioned
    1 Post(s)
    Tagged
    1 Thread(s)
    Quote Originally Posted by helix7 View Post
    They're still officially supporting IE6, but now also advising that people upgrade.
    That's not very surprising, most software companies support their product a few versions back, even if they want everyone on the latest and greatest.

    And truth be told, I don't think there's anyone out in the world that is using and enjoying IE6. Those that are still using it are either stuck on a very old operating system like Windows 2000, or are tied to IE6 by poorly coded webapps for their business or whatever.
    Quote Originally Posted by helix7
    A lot of big companies still use IE6 and IE7, but I'm wondering if this new stance on old IE versions will finally give web devs a leg to stand on in the "how old of a browser should our new product support" argument.
    For my personal work IE6 is on my "let it go" list (I'll fix large problems but don't care much if something is off by a couple of pixels). We still support IE6 at work, but we sell Windows software in an industry that's resistant to change...not much that can be done about that barring some radical rewrite of our main products.

  8. #8
    Programming Since 1978 silver trophybronze trophy felgall's Avatar
    Join Date
    Sep 2005
    Location
    Sydney, NSW, Australia
    Posts
    16,871
    Mentioned
    25 Post(s)
    Tagged
    1 Thread(s)
    Quote Originally Posted by vgarcia View Post
    Those that are still using it are either stuck on a very old operating system like Windows 2000,
    Microsoft still support IE5 because that's what shipped with Windows 2000. Both IE5 and Windows 2000 have the same end of support date of 13th July 2010.

    IE5.5 was declared dead when Windows ME was.

    IE6 is tied in with the end of life of Windows XP in 2014.
    Stephen J Chapman

    javascriptexample.net, Book Reviews, follow me on Twitter
    HTML Help, CSS Help, JavaScript Help, PHP/mySQL Help, blog
    <input name="html5" type="text" required pattern="^$">


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •