You are certainly right to want to upgrade from Internet Explorer 6. Microsoft has issued a standing advisory warning companies and individuals to upgrade to Internet Explorer 8 for improved browser security. What's more, IE6 users won't be able to properly access the upcoming Web versions of Microsoft Office 2010 because Microsoft will only support versions IE7 and upwards. Also as a consequence of the recent attacks against Google -- via vulnerabilities exploited in IE6 -- it has been reported that it will support only IE versions 7 and 8 on its Google Docs service and will start to phase out support for IE6 for Gmail and Google Calendar later this year.
I'm surprised that you don't use WSUS (Windows Server Update Service) to manage the patch management and upgrades of your machines. It's free and centralizes the distribution of updates to computers on your network. Do you use Windows Automatic Update to deploy patches and upgrades instead? Any machines running IE6 on Windows XP, Windows Vista, Windows Server 2003, or Windows Server 2008 will have had a notification through Automatic Update about IE8 as either a "High-Priority" or "Important" update. IE8 will not automatically install on machines, and you may have prevented users from installing IE8 through Automatic Update by using the IE8 Blocker Toolkit using Group Policy.
To upgrade IE6 with or without the use of WSUS or Automatic Update, first test IE8 for compatibility with internal applications and sites. Testing is required because any kind of update can overwrite key files, disrupt existing software or change services or functions on which your system relies. Test computers or a virtualized IT infrastructure to create a test environment may be a luxury you can't afford, but you should at least test the upgrade on a small group of machines before rolling it out to the rest of the company.
Every problem you find on these test machines is one less problem that you will hear about from your end-users. But be sure to have a rollback and restore plan in place! By completing a test upgrade you can ensure a predictable rollout when IE8 is deployed. The rollout, manual or automated, can be used as an additional part of the testing process if it's done in stages. The initial rollout should be to groups of less critical machines, and if they perform as expected, you can continue with the rollout until all machines are updated. I would also check relevant Internet discussion news groups to find out about the issues others encountered when upgrading from IE6 to IE8. You certainly won't be the first administrator to perform such an upgrade, so take the time to learn from the mistakes and experiences of others.
For more information:
- Check out this Web browser security tutorial.
- Get more information on IE6 security concerns and why upgrading is necessary.
Dig Deeper on Web browser security
Related Q&A from Michael Cobb
Explore the differences between symmetric vs. asymmetric encryption algorithms, including common uses and examples of both, as well as their pros and... Continue Reading
Pirated software is still a major concern nowadays. Uncover how to prevent software piracy and protect your organization's intellectual property. Continue Reading
Shellcode is a set of instructions that executes a command in software to take control of or exploit a compromised machine. Read up on the malware ... Continue Reading