> Is it worth the time and effort to install every hotfix, security update for > IE5 and IE6 or should I rather just wait until a Cumlative patch/Service > Pack comes out and install those.
That is a _very_ subjective question. Noone can answer that but you. There are a heap of factors that come into play when you want to assess the cost of doing so, vs. leaving it unpatched. It's all a matter of cost, so it takes a bit of thinking and counting... The first rule is anyway: don't patch unless it's broken. If a patch provides a fix that is totally unecessary for you, then don't apply it. (Unfortunately, this is less often the case with internet-security related pacthes, than with other SW-bug patches.) You could read this good paper: http://www.usenix.org/events/lisa02/tech/beattie.html for an example approach to answering your question. (Thanks, btw, to whoever it was that first posted this link) Cheers, Anders :) ------------------------------------------------------------------- SurfControl E-mail Filter puts the brakes on spam, viruses and malicious code. Safeguard your business critical communications. Download a free 30-day trial: http://www.securityfocus.com/SurfControl-security-basics
