Workplace PCs Should Ditch IE for Chrome, Report Says

If you suspect the computer you use at work is much less secure than the one you use at home, you may be right. A new study suggests that security vulnerabilities on workplace machines affect Mac and Windows users alike, mostly because operating systems and applications are infrequently updated.

Credit: Monkey Business Images/Shutterstock

(Image credit: Monkey Business Images/Shutterstock)

The good news, though, is that some software protects users much more comprehensively than others. If you use Internet Explorer, for example, the study suggests that you ditch it for Google Chrome or another browser that automatically updates itself. The bad news is that many workplaces don't let end users install or update software, leaving such tasks to IT staffers who may or may not get around to them.

This information comes by way of the 2016 Duo Trusted Access Report (free, but signup required). Michigan-based Duo Security offers security solutions for businesses, and as such, it's able to gather a lot of data from its clients (with permission, naturally). The company's two-factor authentication program collected data from 2 million workplace computers over the course of the last year, from companies ranging from small businesses up to huge corporations. The results were not encouraging.

MORE: Best Antivirus Software and Apps

First things first: Neither Mac nor Windows machines are regularly kept up to date. Duo found that 53 percent of Mac systems ran either of the fully patched, latest two versions of the operating system, OS X 10.11 El Capitan or OS X 10.10 Yosemite — a majority, but not by much.

Yet that figure is better than the 35 percent of workplace Windows machines that were running fully patched Windows 10 or Windows 8.1. (To be fair, only 2 percent of PCs ran the no-longer-supported Windows XP or Windows 8, and presumably most of the unaccounted-for 63 percent ran Windows 7.)

Keeping computer software up-to-date often grants useful user-interface features, but more importantly, it patches security flaws that software makers often make public in order to prevent further mistakes. It's not hard to see how a cybercriminal could take advantage of that arrangement.

Regardless of your operating system, there's a fair chance that your primary Internet browser is out-of-date. Considering how many malware attacks originate online and attack known vulnerabilities, that's not promising. Machines with Google Chrome installed are pretty on-the-ball: 82 percent of them have a fully updated Chrome browser, probably due to the fact that Chrome keeps itself updated by default.

As such, one of the Duo report's recommendations is that users "switch to browser platforms that update more frequently and automatically, like Google Chrome."  But bear in mind that it is possible to manually set almost any web browser, including Mozilla Firefox and Microsoft's Edge and Internet Explorer, to update automatically.

For Firefox, the fully updated rate was 66 percent, and it was 58 percent for Internet Explorer and Edge. About one-quarter of Windows users were running versions of Internet Explorer that don't get updates anymore, such as IE 7, 8, 9 (except on Vista) and 10.

As always, Adobe Flash Player and Oracle's Java platform present huge security risks for web browsers, and relatively few benefits in return. Critical security flaws are constantly being found in both pieces of software — especially in older versions — and yet only 40 percent of Flash installations and 28 percent of Java installations were up-to-date. Fortunately, only 22 percent of workplace systems still had Java installed. About 80 of them maintained Flash Player, however.

While these vulnerabilities may sound disastrous, it’s actually quite difficult to tell how many, if any, of the 2 million machines had been compromised as a result. (It's probably not zero.) Countermeasures such as installing antivirus programs can mitigate a lot of potential damage, and if you don't expose yourself to any malware, your chances of compromising your system are fairly low.

For business users, the best course of action is to simply check to make sure each of the programs you use is up to date. If your IT department is in charge of that kind of thing, just hope that it knows what it's doing, and maybe save your visits to questionable websites until after work.

TOPICS
Marshall Honorof

Marshall Honorof is a senior editor for Tom's Guide, overseeing the site's coverage of gaming hardware and software. He comes from a science writing background, having studied paleomammalogy, biological anthropology, and the history of science and technology. After hours, you can find him practicing taekwondo or doing deep dives on classic sci-fi. 

Latest in Browsers
Google Chrome on Android
How to stop your personal data from appearing in Google searches
Opera Air
I just tested the world’s first mindful browser — it’s calmly convinced me to ditch Google Chrome
A photo of the Google Chrome logo on a white background, displayed on the screen of a large MacBook Pro which is situated on a table with green foliage behind.
Google Chrome just got three new modes — and it's a game changer for performance
Google Calendar app on iPhone
Google Calendar just got the dark mode we’ve been waiting for — here’s how to activate it
Image of an Apple MacBook with a Google Chrome logo on the display
This new Google Chrome upgrade made me say 'whoa' out loud — and it's a game changer
Two Opera Browser Days attendees standing in front of a screen displaying the Opera logo
How Opera is challenging Google by putting privacy first
Latest in News
Prime Gaming's selection of free games for March 2025
Amazon Prime is giving away these 20 games in March — get Fallout, Saints Row 3, and more free games now
Hugh Grant as Mr. Reed in "Heretic"
Max top 10 movies — here’s the 3 worth watching right now
Nintendo Switch 2
Nintendo Switch 2 price rumors and predictions — everything we've heard so far
Samsung Galaxy S25 Edge back
Samsung Galaxy S25 Edge latest leak hints at good news for pricing
Apple Intelligence logo on iPhone
Apple confirms Siri 2.0 is delayed — 'it’s going to take us longer than we thought'
NYTimes Connections
NYT Connections today hints and answers — Saturday, March 8 (#636)
  • damianrobertjones
    Bull.

    WSUS
    Reply
  • damianrobertjones
    "The bad news is that many workplaces don't let end users install or update software, leaving such tasks to IT staffers who may or may not get around to them."

    Then what the HECK are they paid for? WSUS handles all of the updating. Problem solved. Imagine Chrome having to deal with all the supplier portals and garbage that IE still has to run!? This article has one agenda and I'm not buying it.

    Ok... Why not Opera? It has a small market share, works quite well, auto updates? Why CHROME? We know why!
    Reply
  • kyzarvs
    So in the corporation that I'm sat in now, we should have 1500 copies of Chrome self-updating PCs clogging up the internet connection, or use WSUS?

    Yes, most corporations are behind live - that's because they need to perform internal tests and verifications to make sure the updates don't break anything the corporation depends on and they frequently don't install updates that have no bearing on the user base.

    Uninformed twaddle.
    Reply
  • reactive
    I sort of agree with it, but only because Edge is driving me nuts. I hate the meaningless icons on the right hand side for Favourites etc, and the infuriating way in which it persists in re-associating itself with PDF files when I already have Acrobat DC installed and set as the default! On the other hand, Chrome seems to be having a lot of problems recently with tabs freezing... so much so I'm forced to return to Edge just for reliable operation!
    Reply