Internet Explorer loses ground to Firefox and Safari

Web analytics firm Net Applications is reporting that Microsoft Internet Explorer continued to stumble in its position as the world’s most popular web browser during December 2008.

Although Internet Explorer is by far the most widely used program for accessing websites, it has slipped from a 75% marketshare at the start of 2008 to 68.15% during December 2008.

Mozilla Firefox (21.34%), Apple Safari (7.93%), and Google Chrome (1.04%) all appear to be benefiting as users either choose alternative web browsers or run an operating system not supported by Internet Explorer (in other words, anything other than Windows).

What I always find interesting is to compare these usage figures, which are collated across a very wide spectrum of web usage, with what I see myself when I look at details of how people are viewing this blog. You could argue that the typical profile of someone reading this blog and accessing the Sophos website is rather more security conscious than the typical Joe User.

Browsers accessing Graham Cluley's blog in December 2008
Browsers accessing Graham Cluley’s blog in December 2008

What’s clear from this is that Clu-blog readers are much less likely to be using Internet Explorer than their non-technical friends and family. Firefox, meanwhile, is teetering on the brink of being responsible for one in four of all visits to this blog.

We’re also seeing Chrome being more widely used by this audience, and we can expect to see Chrome make further inroads as versions for Unix and Mac OS X arrive during 2009.

Fascinatingly, Safari on the Apple iPhone is also making a small but beautifully formed impression on the chart, outgunning its Windows cousin.

Have IT teams tasked with security managed to convince their bosses to fork out for Apple’s lusted-for gadget? Perhaps blogs carrying security news are more likely to be viewed “on-the-move” outside of regular working hours, and so gizmos like the iPhone make a justifiable expense.

Why does any of this matter? Well, Sophos’s recently published Security Threat Report 2009 revealed the enormous role that web browsing plays in the successful spreading of malware today. As the web browser market shifts we can expect the cybercriminals to increasingly follow.

Of course, this already happens to some extent. In the past we’ve seen malware attacks embedded into websites that determine what web browser you are running – for instance, if it’s Internet Explorer they’ll serve you some Windows .EXE malware, if you’re running Safari they’ll give you a malicious Mac OS X .DMG file. Additionally, if an Internet Explorer exploit fails to find a successful playground the dangerous website may try a Firefox attack instead.

And in 2009, we’ll expect to see more hackers exploiting vulnerabilities in code which runs alongside your browser – whatever your browser should be. So, expect to see more attacks trying to exploit loopholes in Adobe Flash and PDF reader plugins etc.