Loading...

In case you haven't heard, Google (and at least 30 other companies) were attacked by hackers in late December (codenamed Operation Aurora).  Although it cannot be publicly verified as 100% accurate, Google announced in a blog post that the "highly sophisticated and targeted attack on [their] corporate infrastructure [had orginiated] from China".  Their primary goal was "accessing the Gmail accounts of Chinese human rights activists", but other companies reported theft of their intellectual property.

The primary method of attack was through flawed code in Microsoft Internet Explorer, affecting versions 5.01 - 8. Even though all these versions are open to this HTML Object Memory Corruption Vulnerability, Internet Explorer 6 was been the primary target for this attack and many others.

This definitely isn't the first time IE6 has been exploited, but it's easily one of the largest, most-profiled cases.

Along with details of the vulnerability, Microsoft posted this recommendation on their Security Research & Defense blog: 

The client configuration currently at risk is Windows XP running IE6. We recommend users of IE6 on Windows XP upgrade to a new version of Internet Explorer and/or enable DEP. Users of other platforms are at reduced risk. We also recommend users of Windows XP upgrade to newer versions of Windows.

Microsoft has vowed to continue support for IE 6 and Windows XP until April 8, 2014, despite all the security risks and previous attempts to convince users to upgrade.  "Teh interwebs" have also been busy putting together grassroot campaigns to push IE 6 off the net for good:

These security issues are an important reason for others to upgrade.  Web designers and application developers also wish for the end of IE6 for a different reason - compatibility.  Having been around for 8 1/2 years, this browser just doesn't support some of the cool, new technologies driving the web today.  Since so many users still have IE6, us web professionals tend to sacrifice on using new technologies just to support these older browsers.  It also takes extra time to tweak websites to work well with IE6 and thoroughly test them.  As long as these compromises continue to be made, progress will be slow at best.

At Unleashed Technologies, we fully recommend that all users immediately upgrade to a modern browser.  You'll get the benefit of added security plus the best of emerging technologies.  Our personal favorites are Chrome and Firefox, but others like Safari and IE 8 are also great alternatives.  We pride ourselves in using some of the latest and greatest technologies, while still preserving backwards compatibility for users stuck on older browsers.