This type of notification across all web browsers will only grow in both use and forcefulness. The next step will be the blocking of non-secure content in the very near future.
The growth and general evolution of the use of HTTPS has been great to see and experience over the last few years. The IT security industry, along with conscientious browser developers, has truly dragged the web development world forward to force the use of encryption at the browser session level. This is an important defense against identity theft and website identity management.
This is yet another good step toward strong app security.
This is exciting on several levels. As a user of WordPress I am pleased. As a proponent of the Let’s Encrypt Project and as an IT security professional, I am ecstatic. This is yet another important step toward a more secure browsing experience for all.
Sophos is detailing in this article a fairly serious vulnerability discovered in the Microsoft HTTP stack that was patched in the most recent “Patch Tuesday” cycle. I believe this issue warrants immediate concern and should be addressed as soon as possible to prevent a potential worm issue.
Take note of this update from Firefox and apply your updates appropriately.
I think this is a great next step in the evolution of website management and development. Now is certainly the time to take this into consideration as you plan resources in 2015.
Sadly, this was to be expected. The world has been focused on transport security, so issues with the Microsoft stack were ripe for exploitation. I would highly recommend pushing this set of patches out at your earliest possible opportunity.