Internet Explorer 8, 9, 10 End of Life - Are you Ready?

On January 12, 2016 Microsoft will end of life Internet Explorer (IE) 8, 9 and 10, and that has the media in a bit of frenzy, with the news even trending on social networks like Facebook. What’s got everyone buzzing about? After Tuesday, only Microsoft IE 11 and Edge will continue to receive updates and security patches leaving millions of people at risk from new cyber threats, unless they upgrade their browsers or operating systems. This problem is not only confined to personal computers, but also affects many businesses who depend on older browsers due to custom plugins and legacy applications, that don’t render in modern browsers. Consequently, identifying which assets have older versions installed and upgrading them is critical for maintaining security and compliance. Alternatively, this risk can be mitigated by switching to another browser altogether. If you decide to switch, make sure you disable the end of life'd versions of IE since malware and exploits may still target them and initiate a compromise. In traditional Microsoft fashion, the end of life announcement is not black or white. There are exceptions to the end of life notice that every business should be aware of:

• Windows Vista and Windows Server 2008 will still receive updates for Internet Explorer 9, as that is the most current supported version on those operating systems.
• Windows Server 2012 will still receive updates for Internet Explorer 10, as that is the most current supported version on that operating system.
• Windows 8 is no longer supported, so customers must update to Windows 8.1 in order to receive Internet Explorer 11.

Because of these exceptions, Internet Explorer 8 is the only official version that is truly “dead” for mainstream operating systems. Keep in mind that Microsoft won’t be uninstalling outdated browsers, but they will issue an unsupported browser warning on Windows 7 and Windows Server 2008 R2. Read here for more information. To aid with the identification and remediation planning for this critical end of life scenario, Retina CS and Retina Network Security Scanner now include the following audits:

• 56423 - Windows 8 End-of-Support
• 56424 - Microsoft Internet Explorer End-of-Support - Vista/2008
• 56425 - Microsoft Internet Explorer End-of-Support - 7/8.1/2008R2/2012R2
• 56426 - Microsoft Internet Explorer End-of-Support – 2012

Retina customers can run a report to show all affected systems. Simply build an Audit Group with these two audits or a Vulnerability Smart Rule to target these end of life or unsupported browsers. Retina CS and Retina Network Security Scanner vulnerability management solutions deliver unmatached reporting, scalability and coverage. For more information on any of our cyber security solutions, contact us today.