Enterprise Software

Prevent IE 8 from automatically downloading on Windows servers

While keeping systems up to date is important, there are plenty of valid reasons not to upgrade IE 8 on Windows server systems. Rick Vanover shows how to protect against IE 8 from automatically showing up on your servers.

Internet Explorer (IE) version 8 will soon be a high-priority update within Automatic Updates for server systems, including Windows Server 2008 and Windows Server 2003 (SP2 or higher). Many organizations have supported browser version requirements that prohibit the rapid adoption of IE versions on server (or client) systems. This may sound uncannily familiar, as just last year IE 7 was placed as a high-priority update, and many systems woke up to a new version of the popular browser for Windows systems.

Microsoft has provided a tool to allow administrators to block the acceptance of IE; the company has also provided a path for administrators to prevent the automatic download. The Internet Explorer 8 Blocker Toolkit is a tool that will prohibit IE 8 from being a high-priority update, yet it will be listed as an optional update. The Internet Explorer 8 Blocker Toolkit also provides a group policy template (an .ADM file) for the download.

If the Internet Explorer 8 Blocker Toolkit will be rolled into Group Policy, it can only be done as a computer setting and not as a user setting. Also, keep in mind that the Internet Explorer 8 Blocker Toolkit does not prohibit a user with appropriate permissions from downloading and installing IE 8 in a standalone fashion. While this tool addresses the need for most environments, many administrators may still have some issue with the classification of the browser as a high-priority update.

Arguments can be made either way on the scope of this practice. On one hand, it is very important to keep Windows servers up to date with the standard updates to the core Windows components, but changing the version of key parts of the server can cause issues. The same argument can be made for .NET Framework versions, which generally do not generate as much conversation as browser updates.

The Internet Explorer 8 Blocker Toolkit is generally indistinguishable from the Internet Explorer 7 Blocker Toolkit. Both Toolkits are available as free downloads from Microsoft.

Stay on top of the latest Windows Server 2003 and Windows Server 2008 tips and tricks with our free Windows Server newsletter, delivered each Wednesday. Automatically sign up today!

About

Rick Vanover is a software strategy specialist for Veeam Software, based in Columbus, Ohio. Rick has years of IT experience and focuses on virtualization, Windows-based server administration, and system hardware.

Editor's Picks