Coding, Cybersecurity

Modern Application Frameworks, Legacy Browsers and Security Implications

Intrusion DetectionTCP Congestion ControlInstalling Wireshark on Mac OS X (Yosemite)What are Rogue Access Points?Two Common Router Security ThreatsModern Application...

· 1 min read >
application frameworks security

I was recently sent an article titled ‘How it feels to learn JavaScript in 2016’. Aguinaga, J. (2016).  It is a somewhat amusing take on the current state of JavaScript frameworks and libraries available to web developers and how this environment is changing so quickly. All quirks aside, modern application frameworks provide us with much interactivity and web functionality we take for granted. The modern web browser has to cope with these advancements and continue to evolve to meet the demands of its users and developers. In the Federal government and other organizations that are not able to update their software systems to keep up with the pace, libraries called polyfills have been created to add functionality to legacy browsers that were never designed to run such rich modern web applications. Modernizr is one of the most popular HTML5 polyfills available as open source software at https://github.com/Modernizr.

Other than keeping older browsers up to date in order to cope with new application frameworks, security implications also must be considered. On January 2016, Microsoft stopped supporting legacy versions of Internet Explorer. This included versions 10 and below. They issued a statement warning that continuous use of Internet Explorer 10, 9 and 8 would leave individuals “at risk of viruses and other malicious software that exploit security flaws and bugs in browsers.”. In January, FedTech also released an article regarding the use of older versions of Internet Explorer being used by government workers and users of Federal websites. Their article warned of the increase in potential vulnerabilities. In the same month, HIPPA Journal released a statement warning that use of Internet Explorer 10 and below would be a violation of HIPAA rules. As of September 2016, market share for IE 8 and 9 combined was less than 9%. Net Market Share (2016).

Organizations both in the public and private sector must continue to adapt in order to keep their infrastructure compatible with newer and not even necessarily bleeding edge technology. They must also realize the vulnerabilities left open if they continue to support legacy browsers that have been abandoned (in terms of support and security patches) by their vendors in order to mitigate potential security threats.

Series Navigation<< Two Common Router Security ThreatsWhat are Covert Channels? >>

Written by Ian Carnaghan
I am a software developer and online educator who likes to keep up with all the latest in technology. I also manage cloud infrastructure, continuous monitoring, DevOps processes, security, and continuous integration and deployment. In my spare time I teach undergraduate classes in web development. Profile

AWS CodePipeline for Static Websites

Ian Carnaghan in Coding
  ·   7 min read
Arrays

JavaScript Arrays – Fundamentals

Ian Carnaghan in Coding
  ·   3 min read

1
Leave a Reply

avatar
1 Comment threads
0 Thread replies
0 Followers
 
Most reacted comment
Hottest comment thread
0 Comment authors
Helpful Resources for Understanding Web Application Security - Ian Carnaghan Recent comment authors
  Subscribe  
newest oldest most voted
Notify of
trackback

[…] Modern Application Frameworks, Legacy Browsers, and Security Implications: An overview of some of the problems introduced into modern web applications and the constant challenge with legacy browsers and security concerns. […]