Quick Links

Internet Explorer has had a bit of a reputation problem over the years and some people prefer to disable it on their systems. But if you have disabled it, should you continue to install security updates for it regardless? Today's SuperUser Q&A post has the answers to a curious reader's question.

Today’s Question & Answer session comes to us courtesy of SuperUser—a subdivision of Stack Exchange, a community-driven grouping of Q&A web sites.

The Question

SuperUser reader Stefan Surkamp wants to know if he should install updates for Internet Explorer even though he has it disabled on his system:

I have disabled Internet Explorer in the "Windows Features" dialog. Nonetheless, Windows Update says that there are security updates available for it.

I am aware that I can not uninstall Internet Explorer, and that it remains on my system. Are there any security issues if I do not install the available updates, or can I disregard all the updates for Internet Explorer?

Should he worry about installing the available updates for Internet Explorer, or can he ignore them?

The Answer

SuperUser contributors John and Virtlink have the answer for us. First up, John:

An operating system is like a table. A browser or other application is like an item on top of the table. Internet Explorer is an application, but it is physically part of the table because of how Microsoft bundled it with the OS.

Even if you do not use Internet Explorer, you really need to install the updates. If a hacker gains entry to your system, they may attempt to abuse a known vulnerability that you could have patched but did not, and then your problem is compounded. Additionally, since Internet Explorer is a shell used by some other browsers and applications, if you are using one of those tertiary browsers (such as Maxthon), you would be stuck with an older version of Internet Explorer that renders the pages (even though the interface is something else).

When dealing with vulnerabilities, you need to do a cost/benefit analysis. Does the cost of the downtime to install, and any compatibility problems it produces, outweigh the risk or loss incurred from an attack?

Followed by the answer by Virtlink:

You should always install updates for Internet Explorer, even if you are using a different browser.

Internet Explorer is very tightly woven into the fabric of Windows. For example, Internet Explorer's proxy settings, the hosts file, and Windows Firewall are examples of parts of Windows that are intertwined with Internet Explorer. A vulnerability here puts your whole system at risk.

Additionally, as you can not uninstall Internet Explorer, it can run and make your system vulnerable. You do not know when it will run. For example, if you are viewing a Help file (.chm), Internet Explorer is rendering the page for you. Some browsers and other applications use Internet Explorer under the covers to render rich content. Again, a vulnerability here puts your whole system at risk.

It is always a good idea to install all Windows updates to help keep your system as secure as possible. Far better to be safe and worry free than very sorry and reinstalling your system from scratch later on.


Have something to add to the explanation? Sound off in the comments. Want to read more answers from other tech-savvy Stack Exchange users? Check out the full discussion thread here.