Microsoft to begin silently updating IE in 2012

Share this article:
Coming next month, Internet Explorer (IE) users will no longer have to manually upgrade their web browser.

Microsoft, beginning in January, will automatically upgrade Windows customers to the latest version of IE available for their PC, Ryan Gavin, senior director of IE, said in a blog post Thursday. The Redmond, Wash.-based computing giant's move to embrace what is known as “silent updates” follows actions already taken by Google, which pioneered the concept for its Chrome web browser in 2009, and Mozilla, which announced recently it is working on a mechanism for automatic Firefox updates.

Microsoft is aiming to better protect users from threats, such as social-engineered malware, which often targets out-of-date web browsers, Gavin said.

“The web overall is better – and safer – when more people run the most up-to-date browser,” he wrote. “Our goal is to make sure that Windows customers have the most up-to-date and safest browsing experience possible, with the best protections against malicious software, such as malware.”

Industry experts agreed that silent updates are a step forward for security.

“Silent updating is generally seen as a big improvement to security on the internet,” Wolfgang Kandek, CTO of vulnerability management firm Qualys, wrote in a blog post Thursday.

Kandek referenced a study conducted by researchers at the Swiss technical university ETH, which found that 97 percent of Chrome users updated their browser within three weeks of a new version release, compared to 85 percent of Firefox users, 53 percent of those using Apple Safari, and 24 percent of Opera users. Silent updates allow systems to stay secure “most of the time,” take some of the onus for security off users, and shorten the window of opportunity attackers have to use known exploits against outdated browsers, according to the study.

Microsoft said that beginning in January, IE will be silently upgraded for customers who have opted-in to automatic updates on the Windows Update service. It will begin first with customers in Australia and Brazil, then “take a measured approach, scaling up over time.” The silent update will eliminate the pop-up window that currently allows users to opt-out or postpone available browser upgrades, Kandek said.

Users who have declined previous installations of IE8 and 9 will not be automatically updated. Additionally, customers can uninstall updates and continue to receive support for the copy of IE they purchased with Windows.

Enterprise users who tightly control their patches will not be affected, as they will still have full control over the versions of their browsers, Kandek said.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

LEADS Act addresses gov't procedure for requesting data stored abroad

LEADS Act addresses gov't procedure for requesting data ...

Senators introduced the legislation last week as a means of amending the Electronic Communications Privacy Act (ECPA).

Report: Intrustion prevention systems made a comeback in 2013

Report: Intrustion prevention systems made a comeback in ...

A new report indicates that intrusion prevention systems grew 4.2 percent in 2013, with growth predicted to continue.

Mobile device security sacrificed for productivity, study says

Mobile device security sacrificed for productivity, study says

A Ponemon Institute study, sponsored by Raytheon, revealed that employees increasingly use mobile devices for work but cut corners and circumvent security.