Over 600 million Web users at risk?

From the ‘be afraid, be very afraid files‘:

Regular readers of InternetNews.com know that browser vendors (Microsoft, Mozilla, Apple and Opera) routinely update their software in response to security vulnerabilities.

But what about those that don’t update?

According to new research published by Computer Engineering and Networks Laboratory (CSG), ETH Zurich, Google Switzerland GmbH, and IBM Internet Security Systems there are 637 million people out there with outdated and insecure web browsers.

WOW.

The breakdown is as follows:

• 577 million outdated Microsoft Internet Explorer users
• 38 million outdated Mozilla Firefox users
• 17 million outdated Apple Safari users
• 5 million outdated Opera users.

The data used to measure the worldwide vulnerable Web browser
population within each browser type was provided by Google, and is a
subset of non-personally identifiable data accumulated by Google’s
search and Web application server logs from around the globe; processed
daily between January 2007 and June 2008. With Google’s search queries
coming from more than 75 percent of Internet Web search users, our
measurements of Web browser proliferation are of a truly global scale.

So what to do? All the major browser vendors offer update mechanisms for their respective browsers that advise users of updates. Yet even with those mechanisms in place the number of insecure users is truly staggering.

My personal opinion on solving this problem is simple. ISPs and web sites need to take a stand on this issue and restrict access to only updated browsers. If a user can continue to go about their day to day web browsing with an insecure browser – then why will they change? If you force them to change by restricting access they’ll move. It really should be that simple.