We have recently taken a look at Internet Explorer 6 (IE6) to try and help convince a customer of ours to stop deploying it on workstations.IE6 still holds about 33% of the browser market share, but Microsoft stopped mainstream support for it in April of 2009. IE6 runs ActiveX controls at the same privilege as the browser, which is the same privilege as the user – typically administrator level. And according to Secunia there are 23 known unpatched vulnerabilities in IE6 – including one which has been around since 2003.
If you’re curious and have IE6 lying around, type or cut and paste the following into the address bar (that last character is a zero): ms-its:%F0:
So, what are we missing? Are there any other reasons I can throw at this customer to put IE6 out to pasture? Let me know in the comments.