![](\"https:\/\/media.wired.com\/photos\/62acd06bf904bfd4ee5ab173\/master\/pass\/Internet-Explorer-Security-Alamy-FN9T8F.jpg\"\/)
<\/p>\n<\/p>\n
Credit to Author: Lily Hay Newman| Date: Mon, 20 Jun 2022 11:00:00 +0000<\/strong><\/p>\n Lily Hay Newman<\/a><\/span><\/span><\/p>\n To revist this article, visit My Profile, then View saved stories<\/a>.<\/p>\n To revist this article, visit My Profile, then View saved stories<\/a>.<\/p>\n After years of<\/span> decline and a final wind-down<\/a> over the past 13 months, on Wednesday Microsoft confirmed the retirement of Internet Explorer, the company\u2019s long-lived and increasingly notorious web browser. Launched in 1995, IE came preinstalled on Windows computers for almost two decades, and like Windows XP, Internet Explorer became a mainstay\u2014to the point that when it was time for users to upgrade and move on, they often didn\u2019t. And while last week\u2019s milestone will push even more users off the historic browser, security researchers emphasize that IE and its many security vulnerabilities are far from gone.<\/p>\n In the coming months, Microsoft will disable the IE app on Windows 10 devices, guiding users instead to its next-generation Edge browser, first released in 2015. The IE icon will still remain on users\u2019 desktops, though, and Edge incorporates a service called \u201cIE mode\u201d to preserve access to old websites built for Internet Explorer. Microsoft says it will support IE mode through at least 2029. Additionally, IE will still work for now on all supported versions of Windows 8.1, Windows 7 with Microsoft\u2019s Extended Security Updates, and Windows Server, though the company says it will eventually phase IE out in these, too. \u00a0<\/p>\n Seven years after the debut of Edge, industry analysis indicates<\/a> that Internet Explorer may still hold more than half a percent of the total global browser market share. And in the United States, that share may be closer to as much as 2 percent.<\/p>\n \u201cI do think we\u2019ve made progress, and we probably won\u2019t see as many exploits against IE in the future, but we will still have remnants of Internet Explorer for a long time that scammers can take advantage of,\u201d says Ronnie Tokazowski, a longtime independent malware researcher and principal threat advisor at the cybersecurity firm Cofense. \u201cInternet Explorer as the browser will be gone, but there are still pieces that exist.\u201d<\/p>\n For something that\u2019s been around as long as IE, backward compatibility is difficult to balance with the desire for a clean slate. \u201cWe haven\u2019t forgotten that some parts of the web still rely on Internet Explorer\u2019s specific behaviors and features,\u201d Sean Lyndersay, the general manager of Microsoft Edge Enterprise, wrote<\/a> in an IE retrospective on Wednesday, pointing to IE mode.<\/p>\n But he added that there was a real need to start over with Edge rather than trying to salvage IE. \u201cThe web has evolved and so have browsers,\u201d he wrote last week. \u201cIncremental improvements to Internet Explorer couldn\u2019t match the general improvements to the web at large, so we started fresh.\u201d<\/p>\n Microsoft says it will still support IE\u2019s underlying browser engine, known as \u201cMSHTML,\u201d and it has its eye on versions of Windows still \u201cused in critical environments.\u201d But Maddie Stone, a researcher for Google\u2019s Project Zero vulnerability hunting team, points out<\/a> that hackers are still exploiting IE vulnerabilities in real-world attacks.<\/p>\n \u201cSince we began tracking in-the-wild 0-days, Internet Explorer has had a pretty consistent number of 0-days each year. 2021 actually tied 2016 for the most in-the-wild Internet Explorer 0-days we\u2019ve ever tracked, even though Internet Explorer\u2019s market share of web browser users continues to decrease,\u201d she wrote<\/a> in April, referring to previously unknown vulnerabilities, called zero-days. \u201cInternet Explorer is still a ripe attack surface for initial entry into Windows machines, even if the user doesn\u2019t use Internet Explorer as their internet browser."<\/p>\n In her analysis, Stone particularly noted that while the number of new IE vulnerabilities Project Zero has detected has remained fairly constant, attackers have shifted over the years to increasingly target the MSHTML browser engine through malicious files like tainted Office documents. This could mean that neutering the IE application won\u2019t immediately change attack trends that are already in motion.<\/p>\n Given how difficult it has been to rein in Internet Explorer at all, Microsoft and IE users around the world have certainly come a long way. But for a browser that\u2019s supposed to be dead, IE still very much loads with the living.<\/p>\n