SophosLabs: Microsoft’s Ryan Gavin announced a new strategy to keep the web safe… Keep your Internet Explorer up to date.

It is great news for Windows users who don’t appreciate the importance of staying up to date.

Microsoft has been struggling with browser stragglers for years. They even ran their own campaign comparing IE 6 to spoiled milk including shameful infopr0n.

Old versions of IE leave a considerable number of users vulnerable to old exploits, or in their parlance easy targets.

If Microsoft updates everyone’s browser how will companies like Google have their “Aurora” moments?

While bringing everyone up to Internet Explorer 9 is a great initiative, and doing so automatically will help things along, there are still some big issues ahead for Microsoft.

Their new policy seems to rest somewhere between Google Chrome’s “You don’t know it but you just upgraded major versions” and Mozilla Firefox’s “You know that our weekly major revision is available, would you like it now? Would ya? Please?”

This could be a big problem for some enterprises that followed Microsoft’s advice 10 years ago and adopted a fully-integrated, Active-X, .aspx, optimized for Internet Explorer 6 (or 7!) internal web application.

Most organizations that use Internet Explorer are stuck on older versions because of IE-only proprietary code, and the fact that you can only have one version of Internet Explorer installed at the same time.

It only takes one application. Which is why Microsoft introduced the Internet Explorer 8 and 9 upgrade blocker. This allows you to stay as stale as Internet Explorer 7 if you wish.

Australians and Brazil will be the first to see the automatic upgrades in action, and users who have already said no to IE 8 or 9 will remain at their current version.

Good news for web developers, good news for security and most of all a demonstration of why open standards are such a good idea.

We could all be running Chrome 36 if it wasn’t for that darned Active-X control for Accounting…