A cooperative study conducted by ETH Zurich, Google, and IBM Internet Security Systems has produced some alarming numbers regarding browser safety. Nowadays, security dangers such as drive-by downloads, malware installation, and remote execution of malicious code are prevalent throughout the Web. According to the report published yesterday, a large number of Internet users are putting themselves at risk on a daily basis simply because they aren't running the latest version of their browser. Using data accumulated by Google's search and Web application server logs between January 2007 and June 2008, the study determined that only 59.1% of global Internet users make use of the latest major version of their preferred Web browser. That left 576 million users surfing the Web with an older release.

During the data collection period, it was discovered that at most 83.3% of Firefox users were using the latest, most secure version of their browser. This number was somewhat high compared to 65.3% for Safari, 56.1% for Opera, and 47.6% for Internet Explorer. In the case of Microsoft's browser, all users still running IE6 were grouped into the "unsafe" category. Although Mozilla's browser boasted the best percentage, the study pointed out that it should be even higher. "Despite the single-click integrated auto-update functionality of Firefox, rather surprisingly, 16.7% of Firefox users (one out of six) continue to surf the Web with an outdated version of the Web browser."

Most built-in vulnerabilities are remedied with a minor upgrade or major release, hence the importance of running the latest version of your preferred browser. However, even fully patched browsers may find themselves at risk due to out-of-date and vulnerable plug-ins such as Flash Player and Shockwave. Many of these plug-ins have methods to notify the user when a new version is available. However, this is not always the case and is not the most ideal solution even for an advanced user. The study suggests some interesting ways that browser developers as well as those responsible for third-party plug-ins can do their part to ensure a user's overall safety while surfing the Web.

In the area of existing technology, the researchers who performed the study feel that other browser vendors can learn a lesson from Firefox's auto-update feature, stating the following: "Our measurement confirmed that Web browsers which implement an internal auto-update patching mechanism do much better in terms of faster update adoption rates than those without." I completely agree with this method and hope that others adopt a similar strategy going forward. In the realm of innovation, these same researchers presented the concept of a 'Best before' date where both browsers and websites would take a cue from the food industry by showing an expiration date (i.e., 145 days expired) whenever an update for their particular browser is available.

You, the user, must play an integral role in this fight. The unfortunate statistics brought to light by this study show that Internet users are skating on thin ice each and every time their browser is launched. In order to protect yourself from evil-doers, you must remain vigilant by doing the following.

• Always ensure that your browser is updated to the latest version
• Keep up-to-date on browser security news
• Install recommended privacy and security add-ons

(Photo © michaeldb - #472149/stockxpert)