surfers50

A recent collaborative study between Google, the Swiss Federal Institute of Technology, and IBM offers new insight into how many people surfing the web are doing so safely. According to the report, a clear majority of users (some 59 percent) are using the latest version of their preferred Internet browser—but that still leaves 40.1 percent who aren't. That's a troublingly high number for anyone working in IT security, given that virtually all (89.4 percent) of the vulnerabilities reported in 2007 were remote exploits. Not all of these exploits specifically targeted the web browser, but it's become the target of choice for an increasingly large percentage of all attacks. Proper browser security is therefore of paramount concern.

The group performed its analysis using Google's database of user information (nonpersonally-identifiable information, mind you). The information in question was gathered between January 2007 and June 2008, and represents some 18 months of browser data. Both minor and major patch versions were considered, as was the date when new patches were actually released. Data was compiled separately for each of the browsers that were tracked, and multiple visits from any given machine were counted only once per day.

This particular analysis is focused on how often end-users apply browser patches, not on market share, but the authors do mention the figures they saw in passing, indicated in the chart below. According to the study, "The absolute worldwide user counts were derived from the global Internet user count of 1,408 billion users." The browser labels in the table refer specifically to IE7, Firefox 2, Safari 3, and Opera 9—IE6, Firefox 3, and Opera 8 were not included.