In light of the sever bug in Chrome, Edge, Opera and Vivaldi that is exploited in the wild
(High CVE-2022-4262: Type Confusion in V8), we are notifying these browsers on all
sites that have configured the browser-update.org script with insecure: true
.
To better explain to users the urgency we improved the message in the notification
as well as on the update page:
Your browser is out-of-date.
Your browser has severe security issues. You could get a virus by just viewing a malicious website.
Please download one of these up-to-date, free and excellent browsers:
This is so far only in English and German but we plan to translate it into other languages as well.
The message for insecure browsers can me modified specifying {"text":{"insecure":"Your browser is insecure!"}}
, see customize.
We added pages with collected information on the browsers, their security and a page you can send people to identify their currently used browser.
This page lists all Browser versions which are currently marked as insecure on browser-update.org: Insecure browser versions
This is the list of all browser detected and listed in browser-update.org: List of Webbrowsers
This page shows your currently used browser: What is my webbrowser?
We all know that the internet can be a scary place. Between hackers and cyber criminals, it's hard to feel safe online. That's why it's essential to use a secure browser that will protect your privacy. Luckily, there are a variety of browsers out there that can help you keep your information safe and protect your privacy. We are here with our list of the 11 most secure browsers that can protect your privacy in 2022.
The majority of browsers today are data collection tools for advertising companies. The largest and most popular browser, Google Chrome, is no exception. Through their advertising partners, these companies can make money from your browser. In addition, it is common for search engines, email services, and free mobile apps to violate users' privacy.
Brave Browser: Browser with the highest level of privacy and security
Firefox: An excellent combination of privacy and usability
Tor browser: Ultimate anonymity and security
Chromium browser: Most customizable browser for tech nerds
Iridium Browser: An all in one solution for your privacy and security
Epic Privacy Browser: Third party tracking killer, best for staying un-tracked
GNU IceCat Browser: Best out-of-box protection, with numerous customization options
Bromite Browser (Android): Best for surfing useful content and staying focused without ads
LibreWolf: A perfect Firefox fork
DuckDuckGo privacy browser: A great alternative to Google Chrome, with more than 80% features
Pale Moon: Highly customizable and open-source with transparency.
A VPN is a great way to protect your online security and privacy. However, all VPN services are not the same. Here are the most reliable and trustworthy VPNs to use in 2022.
When using the internet, entities like governments, corporations, hackers, and ISPs track everything you do online. Some will even collect your data and sell it to third parties like advertisers.
While there is no way to avoid problematic surveillance capitalism, a Virtual Private Network (VPN) helps restore your privacy. Also, it will enable you to bypass geo-blocks of sites like Netflix and avoid restrictions on schools, workplaces, and authoritarian countries like China.
The vast number of VPN services can make finding a suitable one challenging. We have done the hard work for you. Our team has thoroughly tested various VPNs over the last year, and here is a list of 2022's best VPNs.
The last months brought many small improvements to the detection code and more translations.
Especially changes in the User-Agent strings of the new Edge browser and the version jump was adressed. Another fixed issue is that Safari on iPadOS pretends to be the desktop user agent, which caused some errors.
Furthermore, a lot of work has been put into improving the way to test the detection script: This brought also a site to test it and improved documentation
Detection details:
New Options / Features:
A custom text for the update message can can now be specified for each browser separately. See documentation for details.
In the last year a lot of work was put into improvements, new features and fixing edge-case bugs.
Some of the fixes:
As always, we also worked on improving the detection, reduce false positive notifications and are whitelisting small niche browsers.
A goal of browser-update.org as always been to notify users about the need to update their browser without annoying the user or making the site inaccessible.
Now we added a new feature to annoy users less: The notification can now be permanently hidden to be more friendly to users that can for some reason not update their browser.
This can be done with the button "Never show again".
When pressing it, the user is reminded how important it is to update the browser, but afterwards will not see a message on this site again.
The message is hidden just on the site is appeared, not on all sites. The reason is that of course sites want to point out problems when not using up-to-date browsers.
Since translating into some languages did magically not work and we hunted the bug for hours to days in php and gettext we finally took the step we wanted to do for a long time: rewrite the site in python. It is now built using python with flask and much more cleaner and easier to maintain.
Along this major effort hundreds of small improvements were made to the browser-update.org site and the build toolchain.
For testing purposes, it was already possible to force to show the outdated browser notification bar. Either by adding
"#bu-test"
to the url in the browser or
by adding test: true
to the options passed to the script.
Now, if you pass this, the bar is not only shown always, but it enters debug mode, showing additional information:
The option has been available for a while now: "Also notify all browsers with severe security vulnerabilities". However, it was not yet activated in the script.
Now, if the option is set, we also notify browsers that have servery security issues, such as remote code execution, and if they are being actively exploited.
We hope we can help with this to make the web a safer place and protect users that do not know that their browser is vulnerable.
It is now possible to configure the notification for Microsoft Edge and Microsoft Internet Explorer separately.
Before, Edge was treated as the direct successor of IE (what it actually is). But some users wanted to notify outdated Edge versions but keep supporting Internet Explorer 11.
Now you can pass for example required:{'e':15,'i':11}
to require Internet Explorer >=11 and Edge >=15 on your site.
By default, passing only one of "i" or "e" options falls back to the old mode and treats both the same.
It is also now possible to notify minor, patch and build version numbers of browsers. This means you can now pass a string, e.g.
c:"64.0.3282.16817"
to require at least Chrome Version 64.0.3282.16817 which uses version numbers like MAJOR.MINOR.BUILD.PATCH
.
And this is also useful for Microsoft Edge which uses MAJOR.BUILD
as the version number pattern, for example
15.15254
, 14.14332
or 12.10136
, to address versions between major releases.
Detailed documentation of notification options
We moved to a new server to have better response times for the more than 1 000 000 users who are updating their browser through browser-update.org each month.
Additionally to the main browsers Firefox, Chrome, Edge, Opera and Safari we are now detecting and offering UC Browser(Android), Vivaldi (Windows, MacOS, Linux) and Samsung Internet Browser (Android).
We continue to whitelist a lot small niche browsers in order not to annoy people who choose to use a special browser for whatever reason.
We now offer different formats of notification. Additionally to the default style, showing the notification bar at the top, you can also show it at the top bottom or in the corner of your page.
Of course you can still customize the complete bar to your needs.
Browser-update can now available as an npm package. You can now install it easily using your browserify or webpack toolchain.
The new notification bar design now offers an Ignore button istead of the "closing cross" to improve the usability and giving the explicit choice betwwen taking action and ignoring the message.
You can hide the ignore button if you like urge the user a bit more to take action.
We've split the oudated browser detection script into two parts: 1) the detection if the browser is outdated and 2) the showing of the message to users with outdated browser.
The detection part is what you embed into your site (update.js
). This is what all users will have to download. And this is is now only 2.2 kB in size gzipped, five times smaller than before
(>10kB).
Then, if the browser is outdated and needs to be notified, the message file (update.show.js
) will be loaded, but this will only happen for about 1% of the users.
We improved the detection of browsers in combination with the Operatin System a User has (Android, Windows, MacOS, Linux) and the Version of the Operating System.
We keep track which browsers are available for which Operating system.
If there is now browser available anymore for the system we hint the user to update their system and link to a site explaining this.
Also some browsers (Safari, Microsoft Edge) can only be updated together with the system. Here we tell the user to choose another browser or update their system.
We implemented a small feedback form on the browser update page where people can report why they can't or don't want to update. We are collecting now some data and already got some valuable feedback. With this we can improve our notification and the selection of browsers we offer.
For now this only on the english language version of the browser update page.
We now check for more browsers if they are up-to-date: Yandex Browser, Pale Moon Browser, and Vivaldi Browser.
The detection script was slimmed down more and we improved detection of Microsoft Edge.
When creating your update-notification code for your site you have now a few new options:
For a long time we have ignored mobile Browsers here at browser-update.org on purpose. They are in particular complicated to detect and on many platforms there is no way to update the browser without updating the system or even an operating system update is not possible at all.
Now we started to notify users that are using the outdated stock Android browser if they have an upgrade path to another newer browser on their system. We offer a selection of up-to-date browsers for Android to them, currently consisting of Chrome, Firefox and Opera.
We investigate including more browsers as choices to update and to notify other mobile platforms like Windows Phone and maybe iOS in the future.
This site can now be translated using a convenient online tool. Now it should be much easier to create, update and review translations.
Over the last weeks we added new translations for norwegian, latvian, serbian and irish.
Also, we now added a thai translation of browser-update.
As of today we convinced a total of 10 million people to update their browser. With this we may have protected tens of thousands of people from attacks through security holes in their old outdated browser. And we have improved the browsing experience of all of them with a new, speedy, more functional browser.
We minified the update notification script and tweaked it more to make it smaller and load faster.
We improved the procedure when to show the notification to be even more user-friendly: When the user closes or clicks the notification bar, we know that they noticed the notification. After this we do not show it again for a week, because this means the user has seen the bar but has some reason not to update their browser right now. Knowing this, we do not want to bother the users, but only remind them some longer time later.
The time interval to the next notification can be changed using the reminderClosed
option.
It defaults to about a week.
Internet Explorer 9 was released in March 2011, almost four ago. We will now start to notify users of this browser (in the default configuration).
We changed the code you have to include in your site. It is a little bit smaller and faster.
In our continuing quest to inform the majority of relevant browser and not to erroneously bother users of small browsers we whitelisted a few small browsers (CoolNovo,Blackberry 10,PaleMoon, QupZilla), which will not get the notification.
The browser upgrade page is now available in suomi (Finnish) Türkçe (Turkish) Română (Romanian) Also it was updated for español (Spanish).
Several improvements were made to the browser detection code: We improved the detection of Firefox ESR releases (which are supported by Mozilla for one year) and do not ask them to update. Although almost all the chrome users use the latest version of chrome because of the built-in auto-update mechanism, it may not work on some of the users. To keep these users up to date (and safe) we now also notify users that use out of date versions of chrome. Furthermore we improved the detection of other browsers we do not want to notify erroneously (e.g. Maxthon and Dolphin).
Finally, browser-update.org can be used on SSL sites (https://)! Just grab the new code and it will automatically work as expected!
Internet Explorer 8 was released almost five years ago in March 2009. We start now notifying users of this browser. Furthermore we notify users of these outdated browsers, which are not supported with security updates anymore: Firefox 10 or older (released Jan 2012, ≈< 0.5%), Opera 12 or older (released Jun 2012, ≈< 0.1%), Safari 5.0 or older (released Jun 2010, ≈<1%), Chrome 10 or older. BrowsersToNotify.
title: New Translations date: 2014-01-26 comment: trans3
The update page is now available in Norsk bokmål (norwegian) and 中文 (simplified chinese). Also it was updated for polish, russian and italian.
We simplified the update page a lot. The goal was to focus more on the next step the user has to take to choose an up-to-date browser.
This is why the browsers to choose are now on top. With a simple, short message telling the user what to do. Furthermore, we removed as many distractions as possible (removed the logo, we simplified the header, smaller menu, less text). The details why to update can still be found, but are a but further down the page.
The new page is already available in english, Deutsch, français, Nederlands, Čeština, shqipe, עברית and español. For other languages we need your help for translating a few sentences.
Along with these changes also the design of the rest page got a refresh.
More than 1 000 000 Users updated their browser so far thanks to this service!
Many webdesigners using browser-update.org have told us that we should move Internet Explorer 7 to the outdated Browsers since the release of IE9 last year.
Users now get warnings when they still use Internet Explorer 7 which was released more than 5 years ago in October 2006.
IE 7 currently approximately holds a global market share of less than 3%.
The default outdated browser list is now:
IE7 is after IE6 the browser webdesigners are struggling the most with when creating their sites. It supports almost none of the HTML5/CSS3 features and speed improvements of current browsers. An interesting approach to get users to update their browser was chosen by an Australian online shop: They added an additional tax for users of IE7 to pay their webdevelopers for optimizing the site for this ancient browser.
Additional information on when we moved browsers to the outdated list and discussion about it can be found on the wiki page "BrowsersToNotify".
Finally we can add French to the supported languages list. Now we have four of the five top languages by native and secondary speakers. Thanks to Médéric for the translation!
Furthermore, there is now a module for the Drupal Content management system available. Thanks to Peter.
Microsoft has also realized the problem about outdated browsers - at least regarding their fossil, Internet Explorer 6. They created the site "The Internet Explorer 6 Countdown" with the subtitle "Moving the world off Internet Explorer 6". Nice to see them join us in the fight. We, browser-update.org, already have convinced about 300 000 users to move off Internet Explorer 6!
Internet Explorer 9 has been released today. But it is not available for Windows XP, which has still a significant market share. Since IE9 is only available for Windows Vista and Windows 7, we have introduced a message for people using other Systems that they need to choose another browser.
"Internet Explorer 9 - Not available for your System. Only for Windows Vista or 7. Please choose another browser."
Its been a long time since the last update here and it may seem like this project is not improving. But we have plenty of updates, changes and achievements to talk about.