According to statistics from W3Techs, roughly 78.9 percent of all Internet sites today run on PHP.
But on December 31, 2018, security support for PHP 5.6.x will officially cease, marking the end of all support for any version of the ancient PHP 5.x branch.
This means that starting with next year, around 62 percent of all Internet sites still running a PHP 5.x version will stop receiving security updates for their server and website's underlying technology, exposing hundreds of millions of websites, if not more, to serious security risks.
If a hacker finds a vulnerability in PHP after the New Year, lots of sites and users would be at risk.
"This is a huge problem for the PHP ecosystem," Scott Arciszewski, Chief Development Officer at Paragon Initiative Enterprise, told ZDNet in an interview. "While many feel that they can 'get away with' running PHP 5 in 2019, the simplest way to describe this choice is: Negligent."
"To be totally fair: It's likely that any major, mass-exploitable flaw in PHP 5.6 would also affect the newer versions of PHP," Arciszewski added.
"PHP 7.2 will get a patch from the PHP team, for free, in a timely manner; PHP 5.6 will only get one if you're paying for ongoing support from your OS vendor. See more...