Enterprise-wide Browser Upgrades, IE, and Patching?

newkid asks: "Our company needs to upgrade its standard browser, a difficult decision when we factor security, compatibility and the logistics of actually doing it. For compatibility, Internet Explorer is required by internal applications like IBM Tivoli Storage Manager, so we have to keep it. On the security front, expert bulletins keep ranting every week about the latest gaping holes in IE but nobody really seems concerned: for example, many on-line banking services only work in IE, and they don't check for patches. Meanwhile, users do not care, as a large portion of the traffic still comes from IE 5.5, a version discontinued by Microsoft. As for logistics,the software distribution technology and the cost of patching both make the project much larger than we can undertake this year. Our two options are: roll-out IE without patching, or roll-out IE and Netscape, but lock IE so it can only surf on intranet sites, and update NS with rsync or Ant. What is your company doing? What is your strategy? How serious are the security threats? What are the documented security breach caused by IE? We need a reality check."

Switch to Windows Server 2003

[RzUpAnmsCwrds]

Although this is a somewhat lame answer, consider switching to Windows Server 2003. It has an "enhanced" lock-down mode that eliminates most of the holes in it's default configuration.

Now, it makes some pages break, but that's the price.

Save Millions of $$ !!

[benjamindees]

That's a solution for retarded admins.
He needs a solution for retarded software.
More retarded software is not going to work.