This past week Microsoft confirmed that its well-known web browser, Internet Explorer, would be retired after years of declining user engagement. Initially launched in 1995, Internet Explorer was the standard for web browsing on all Windows computers.
More often than not, Windows users opted not to upgrade from the traditional IE browsing format, but security researchers are emphasizing that IE and its many security vulnerabilities, that also contributed to its shut down, were still existent.
Microsoft will begin disabling the IE application on all Windows 10 devices, prompting users to instead download its next-generation Edge web browser, which was initially released back in 2015. The original IE icon will remain on user devices, and Edge will be incorporating a service called “IE Mode” so users can preserve access to old websites that were specifically made for Internet Explorer.
Microsoft says it will support “IE mode through at least 2029. Additionally, IE will still work for now on all supported versions of Windows 8.1, Windows 7 with Microsoft’s Extended Security Updates, and Windows Server.”
Industry analysis shows that more than half a percent of total global browser market shares are held by Internet Explorer.
“I do think we’ve made progress, and we probably won’t see as many exploits against IE in the future, but we will still have remnants of Internet Explorer for a long time that scammers can take advantage of,” says Ronnie Tokazowski, an independent malware researcher and principal threat advisor at the cybersecurity firm Cofense.
“Internet Explorer as the browser will be gone, but there are still pieces that exist.”
“We haven’t forgotten that some parts of the web still rely on Internet Explorer’s specific behaviors and features,” Sean Lyndersay, the general manager of Microsoft Edge Enterprise, wrote.
“There was a real need to start over with Edge rather than trying to salvage IE. The web has evolved and so have browsers. Incremental improvements to Internet Explorer couldn’t match the general improvements to the web at large, so we started fresh,” he stated.
Maddie Stone, a researcher for Google’s Project Zero vulnerability hunting team, wrote that hackers are still able to exploit vulnerabilities within the IE application, which is a problem, referring to previously unknown vulnerabilities as “zero-days.”
“Since we began tracking in-the-wild 0-days, Internet Explorer has had a pretty consistent number of 0-days each year. 2021 actually tied 2016 for the most in-the-wild Internet Explorer 0-days we’ve ever tracked, even though Internet Explorer’s market share of web browser users continues to decrease. Internet Explorer is still a ripe attack surface for initial entry into Windows machines, even if the user doesn’t use Internet Explorer as their internet browser,” she wrote.
IE will begin to be phased out of Windows devices in the coming months, but its legacy will live on for the standard it set for optimal web browsing.
Eric Mastrota is a Contributing Editor at The National Digest based in New York. A graduate of SUNY New Paltz, he reports on world news, culture, and lifestyle. You can reach him at firstname.lastname@example.org.