On an otherwise quiet Patch Tuesday in June, Microsoft issued its single largest patch to a program ever. The update addresses 59 security issues in various versions of its flagship browser, Internet Explorer.
But the other 57 were previously unknown flaws in IE versions 6-11. The flaws could allow for remote code execution, and they are rated important or critical.
In addition to the IE bugs, Microsoft also put out patches for the Microsoft Graphics Component, which is used in Office and Windows.
Browser versions matter
While everything from Internet Explorer 6 on was updated, the general rule is that the more recent the version of a browser, the safer your users will be.
Internet Explorer 11, the most recent version, barely edges out its predecessors IE 9 and IE 8 in the latest figures on browser shares.
It’s much the same problem Microsoft faces in getting users to its newest versions of Windows. Familiarity with the browser and a tendency to ignore update prompts keep most users running old versions.
Now might be a good time to have users get out of their comfort zone and update anyway – especially considering the IE 8 flaw went unpatched for so long.
While older versions may still receive security updates, Microsoft doesn’t have as much incentive to protect them.
And hackers will know that users on older systems are also the ones less likely to have good security practices in mind.