Neil MacDonaldGet off of Internet Explore version 6. Now.
IE6 has become an anchor (and a security risk). For Gartner clients, we’ve been advising this since October 2006. In blogging, I’ve said it here and most recently, here again.
However, in reality, the move is easier said than done. Here’s what I said in this research note on planning for and deploying the security features of Windows 7:
The most significant change in IE8 is not security-related — the new rendering engine is more standards-compliant. This introduces significant Web-based application compatibility issues for applications written to specific idiosyncrasies of IE6 (see “IE6 Apps Are Windows XP Apps, So Treat Them That Way in Migration Planning”). Although Microsoft includes IE5 and IE7 back-level rendering support, an IE6 rendering mode is not supported.
Some of your own in-house developed applications that use IE6-specific features will create problems during migration. But clients are telling us that some of their large enterprise application ISVs are the bigger problem. Some don’t officially support IE8 yet. Worse, some of the ISVs won’t support a newer browser unless you pay them money to upgrade to a newer version of their software. Issues with Cognos, Siebel and Peoplesoft are commonly called out as trouble areas in this regard.
Advice going forward: Make any web-enabled application vendor support multiple web-browsers and adhere to widely accepted rendering standards so that the chance of getting ‘locked in’ to a specific browser and version are minimized. Minimize the use of custom browser plug-ins to extend functionality (and that will hamper future migrations).
I don’t want us to have to go through this again when IE9 (or Firefox 4 for that matter) comes out.
Category: Beyond Anti-Virus Microsoft Security Tags: Best Practices, Microsoft, Microsoft Security, Windows
4 responses so far ↓
1 uberVU - social comments January 30, 2010 at 1:46 pm
Social comments and analytics for this post…
This post was mentioned on Twitter by glambert: Reading: “Vendors are a Big Part of the Problem in Getting off of IE6″ – http://bit.ly/b6pbGK...
2 Tweets that mention Vendors are a Big Part of the Problem in Getting off of IE6 -- Topsy.com January 31, 2010 at 9:57 am
[...] This post was mentioned on Twitter by Greg Lambert, Gary Meadows, Bernhard Schulte, Security Geek, Richard HR and others. Richard HR said: "Vendors are a Big Part of the Problem in Getting off of IE6" http://tinyurl.com/ykgsgn9 [...]
3 Do as I Say … « Vintage1951 February 11, 2010 at 1:34 pm
[...] applications, many of them missions critical. As Gartner’s Neil MacDonald said in his blog, the application vendors are a big part of the problem in getting organisations to move off of Internet E…. Often the applications use proprietary mechanisms in IE6, making it difficult or impossible to [...]
4 Another Zero-Day Attack on Internet Explorer: Time to Switch Browsers? March 10, 2010 at 10:43 am
[...] after the IE/Google/China attacks. You don’t have to wait on a Windows 7 upgrade to do this, but application compatibility might be holding you [...]