Re: IE5/IE6 Security Updates?

["Anders Reed Mohn" <anders_rm () utepils com>]

> Is it worth the time and effort to install every hotfix, security update
for
> IE5 and IE6 or should I rather just wait until a Cumlative patch/Service
> Pack comes out and install those.

That is a _very_ subjective question.
Noone can answer that but you.
There are a heap of factors that come into play when you want
to assess the cost of doing so, vs. leaving it unpatched.
It's all a matter of cost, so it takes a bit of thinking and counting...

The first rule is anyway:  don't patch unless it's broken.
If a patch provides a fix that is totally unecessary for you, then don't
apply it.
(Unfortunately, this is less often the case with internet-security related
pacthes,
than with other SW-bug patches.)

You could read this good paper:
http://www.usenix.org/events/lisa02/tech/beattie.html
for an example approach to answering your question.
(Thanks, btw, to whoever it was that first posted this link)

Cheers,
Anders :)


-------------------------------------------------------------------
SurfControl E-mail Filter puts the brakes on spam,
viruses and malicious code. Safeguard your business
critical communications. Download a free 30-day trial:
http://www.securityfocus.com/SurfControl-security-basics