Over at ZDNet, I’ve got a new post on the details behind the recent successful cyber-attack on Google, Adobe, and dozens of other large corporations. After looking at the evidence, I’ve concluded that the risks of using IE6 outweigh the costs of switching:
Any IT professional who is still allowing IE6 to be used in a corporate setting is guilty of malpractice. Think that judgment is too harsh? Ask the security experts at Google, Adobe, and dozens of other large corporations that are cleaning up the mess from a wave of targeted attacks that allowed source code and confidential data to fall into the hands of well-organized intruders. The entry point? According to Microsoft, it’s IE6.
The good news is that IE7 and IE8 are dramatically more secure, especially when run on Windows Vista or Windows 7 with Protected Mode and Data Execution Prevention.
For full details, go read It’s time to stop using IE6.