Re: IE6 vs IE& vs IE8 on SBS
- From: "Cliff Galiher" <cgaliher@xxxxxxxxx>
- Date: Thu, 4 Jun 2009 23:34:31 -0600
Aye. I agree with the "overboard" mentality. You'll note I never said over my cold dead hands. :) I simply need a compelling reason to upgrade. When an app needs it (some do) or when MS updates a component that needs it then I'll upgrade. I'm sure update.microsoft.com will eventually need it. I don't *object* to upgrading. I just don't upgrade for no reason either. :)
I think we just happen to be on different sides of the same cautionary line, which as it happens is better than being on opposite sides of a battlefield.
-Cliff
"Larry Struckmeyer [SBS-MVP]" <lstruckmeyer@xxxxxxxxxxxxxxx> wrote in message news:OJlFzXY5JHA.3304@xxxxxxxxxxxxxxxxxxxxxxx
Showing my age here, but I remember quite well a similar debate about 1996 or so, when the argument was "Why in the name of all that is sacred do we want a browser on a server?"..
I think it would be a good thing if there weren't any browsers on any servers, and if there was something in the kernel that kept them from being installed. But MS has so married the OS and the browser, or so we are told, that even the server OS cannot get along without it. Then they throw all the security warnings in your way if you try to use it. Please don't read that last line as dismissing the possible issues of using a browser from a server, I am not and do not advocate it.
On the other hand, having watched the debates about each version of IE since the beginning, I am just about over the issue of version X +1 is too scary, I will stay with Version X, if you don't mind. I have always been a late adopter of most things software, and suspicious of the newer stuff, but when I see my peers saying things like "I will allow the installation of Silverlight (or whatever) when they pry the keyboard and mouse out of my cold dead fingers", I wonder how any of them ever got past CPM 1.0.
--
Larry
Please post the resolution to your
issue so that others may benefit.
"Cliff Galiher" <cgaliher@xxxxxxxxx> wrote in message news:uDbjF7X5JHA.4332@xxxxxxxxxxxxxxxxxxxxxxxI've gone back and forth on this myself, but ultimately every time I land on the side of not upgrading. I've never found any evidence that the preloaded dll's expose an interface at the network layer. Thus I can't see how an exploit could remotely upset things.
A locally executed exploit, such as an exe that did some bad active-X mojo, would obviously be a different story. But you'd have to be executing that code, either by downloading it or by installing it (removable media) and in such cases I doubt IE7 will help you much. You were essentially executing untrusted code and that can get you in trouble regardless of browser version.
I just haven't been able to come up with a way that IE6 exposes an extended risk that IE7 would close, as long as best practices are followed.
Hrm...
-Cliff
"Larry Struckmeyer [SBS MVP]" <lstruckmeyer@xxxxxxxxxxxxxxx> wrote in message news:upi6TaF5JHA.140@xxxxxxxxxxxxxxxxxxxxxxxHmmm:
I once asked (in a MS private group IIRC), why IE was so much quicker to load than Firefox. The answer I was given was that IE had many of its bits preloaded by the OS at startup. If true, this makes me wonder if there isn't some of the aforementioned security problems present in any OS that has IE6 or earlier installed, active or not. As I understand most of the security problems with IE6 and earlier, they involved "especially crafted" urls or packets that were to be explicitly downloaded by the human on the other side of the mouse, but I suspect that a targeted attack, such as Code Red, might be able to find those vulnerable IE6 or earlier dlls and upset the apple cart.
I am not saying there is, I am only wondering out loud, and debating with myself. If the primary reason to replace IE6 with IE7 is security, would a system, server or not, be "more secure" if the preloaded bits were IE7 bits instead of IE6 bits?
--
Larry Struckmeyer
Get your SBS Health Check
at www.sbsbpa.com
"Cliff Galiher" <cgaliher@xxxxxxxxx> wrote in message news:et8uQX94JHA.5048@xxxxxxxxxxxxxxxxxxxxxxxI agree with Cris and Russ, but I'll go as far as to say that you should have a compelling reason to put IE7 on the server. Supported? Sure. Any solid reason *not* to go with IE7? Nope. But I tend to always ask the inverse of any question like this: Is there a solid reason *to* upgrade? What do I gain?
With *any* upgrade, no matter how trivial, dll's get replaced and odd things *can* crop up. I've seen where an app that relies on IE's activeX engine stops working after a browser update. Anybody that has seen an MMC snap-in display no data or in ridiculously tiny print because someone messed with the IE defaults knows what I'm talking about. Two seemingly unrelated technologies had a dependency that caused unpredictable behavior. So although IE7 has certainly been out long enough to avoid most, if not all, of those issues, it *can* happen. I don't think that classifies as a "solid" reason, but it is a reason. If, however, a newer app needs IE7's engine to run, then I'd happily install it. I wouldn't *avoid* installing it at the expense of losing an app.
On the flipside, if no app needs it, then why upgrade? What do you gain? Security?!? You really shouldn't be browsing from the server and you should only be installing trusted 3rd party apps, so IE6, even with all of its security woes, isn't a security hole on a server. It isn't being used to browse and it isn't a listening service, hence it isn't a security problem. You gain nothing by upgrading most of the time. So why do it?
Just food for thought,
-Cliff
"Joe#2" <Joe2@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:1248F096-80F1-497E-885D-FB0593FD6C38@xxxxxxxxxxxxxxxx
I have noticed in the past a lot of resistance to moving to IE 7 and IE 8 on
the server itself.
From a security standpoint it would seen that IE6 might be getting a little
old. I also notice that WSUS want to push IE8 on the server.
Any solid reason not to go with IE7 or IE8 on SBS2003?
- References:
- IE6 vs IE& vs IE8 on SBS
- From: Joe#2
- Re: IE6 vs IE& vs IE8 on SBS
- From: Cliff Galiher
- Re: IE6 vs IE& vs IE8 on SBS
- From: Larry Struckmeyer [SBS MVP]
- Re: IE6 vs IE& vs IE8 on SBS
- From: Cliff Galiher
- Re: IE6 vs IE& vs IE8 on SBS
- From: Larry Struckmeyer [SBS-MVP]
- IE6 vs IE& vs IE8 on SBS
- Prev by Date: External drive for backup
- Next by Date: Re: Office Communicator 2007 in a SBS 2003 R2 Premium Environment
- Previous by thread: Re: IE6 vs IE& vs IE8 on SBS
- Next by thread: Re: IE6 vs IE& vs IE8 on SBS
- Index(es):
Relevant Pages
|
