It’s really, really misleading for the Washington Post to use the headline Another Critical IE Flaw to describe a newly reported vulnerability that:
- Affects only people running Windows Me or Windows 2000 and
- Was patched more than three years ago in Internet Explorer 6 Service Pack 1.
Although the vulnerability may be newly discovered, the underlying problem was fixed long ago. In fact, anyone still using Internet Explorer 5 on either of those two aging operating systems is vulnerable to a whole pack of other security problems as well. According to my stats, about 4.4%[*] of all visitors to this site are using one of those browser versions. The few recent stats I can find suggest that number is about accurate for the web population at large.
If you know someone who still has IE 5.x installed on their computer, do them a favor and install the IE6 upgrade for them. This is an essential step even if they already use Firefox or another browser, because the Internet Explorer components are used elsewhere in the OS and in some third-party applications.
[*] Update: For the first week of February, only 3.3% of all visitors to this site are using IE 5.x. By contrast, about 3.5% are using IE7.
Ed Bott 
I am amazed that the number of IE 5.5 users is even 3%. People who know enough to visit this site presumabably know how to run Windows Update. 🙂
Ken, I get a lot of traffic here from random Google searches. So yes, I would wager that among regular visitors the number is close to 0, but casual visitors are likely to be people experiencing some problem with Windows that I’ve previously written about. And they should be typical of the Windows population at large.
Well, it is an excellent place for them to come. Thanks much for continuing to run this blog.