Helping people with computers... one answer at a time.

It's not uncommon to use a web browser other than Internet Explorer. What you may not realize is that you're still using IE for other things.

Because I use Firefox 100% of the time, what do I do with Internet Explorer? You indicated earlier that it's best not to actually delete it because it's still needed in a minimal way (Windows updates use it). For security and privacy reasons, what can be done to render it more safe? Should browser helpers be deleted, security settings set to a level higher than Medium, or ActiveX items and JavaScript functions deleted? I no longer tend to IE (out of sight, out of mind). Any comments on minimizing exposure to malware and viruses while keeping the simplest function of receiving Windows updates would be appreciated. IE seems to always be the target for miscreants and I would love not to fall prey to them.

It's needed in more than a "minimal way", so not only is it best not to delete it, it's critical that you do not.

Portions of what you and I consider Internet Explorer are actually part of Windows itself and would cause portions of Windows to fail (more than just the Windows Update website). In fact, it could quite possibly cause other applications that depend on the functionality that those parts of IE-in-Windows provides to fail as well.

What IE brings to the table

The primary job of Internet Explorer, like most web browsers, is to display HTML encoded web pages.

The problem is that it's not just web pages that are encoded in HTML these days. Many applications use HTML as part of their user interface, their documentation, or their online help system.

To that end, the core HTML rendering engine in Internet Explorer is actually functionality used and provided by Windows for other applications to use.

That means that you can't just yank it out.

In fact, if you try by going to Control Panel, Add/Remove Programs, Turn Windows features on off, and de-selecting Internet Explorer, Windows will inform you of the likely consequences:

Turning off Internet Explorer warning

So, I guess that means that you could turn it off ...

“...it's important to continue to take Internet Explorer security updates even if you don't use Internet Explorer.”

But you really don't want to.

You can tighten security

As you suggest, you can consider tightening Internet Explorer's security.

You could:

  • ... uninstall or disable addons.

  • ... turn the security level on each of IE's security zone's to High.

  • ... disable third-party extensions.

  • There are probably more ways.

Those are all fine things to do ... until, as a side effect, they break one of the other applications that uses Internet Explorer's functionality in Windows.

I'm not discouraging it - it's easy and safe to revert a security setting if you find out that something breaks.

I'm just not encouraging it as I believe that it's a fair amount of work for not much additional return.

DO keep IE up to date

Even if you don't use Internet Explorer as your browser, you can probably see by now that the components that make up IE are also frequently used elsewhere.

Because they are still being used, it's important that they be kept up to date.

That means if Windows Update offers you an update related to Internet Explorer, don't dismiss it out of hand because you don't use IE.

You do.

While you don't need to take the version-to-version updates until something else forces the issue, it's important to continue to take Internet Explorer security updates even if you don't use Internet Explorer.

What I do

My approach is a little different.

I do nothing.

Or, put another way, I do nothing out of the ordinary; I keep IE up to date, but I don't go in and tweak any of its settings for additional security.

I use IE very infrequently but occasionally, I just have to - as I suspect that you do as well.

So I keep it in a runable, usable state.

Not using it as your browser actually avoids most of the exploits that are out there. Certainly not all, but this is where I look at the work/risk tradeoff. It's just not worth it to me to take extra steps.

Besides, recent versions of IE continue to improve, both in terms of performance and security. While I might use another web browser most of the time, having IE lying around doesn't really impact my overall vulnerability by that much, in my opinion.

Article C4978 - November 10, 2011 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

9 Comments
GREG JACKSON
November 11, 2011 10:16 AM

Thanks. While I still have IE enabled, but use FF 100% -I admit all my internet endeavors have worked flawlessly. I wouldn't want to mess with that one important benefit. Not for the world.
Thanks again, Leo.

Jim de Graff
November 15, 2011 9:47 AM

Not to mention that there are still sites out there (epost and gocomics for example) that don't fully function with anything except Internet Explorer.

GREG JACKSON
November 15, 2011 10:19 AM

Re: sites that require IE.
Of all the many sites I regularly visit, and all the new sites visited since installing FireFox, I've never had this as an issue. Most sites have accommodated FireFox.

However, when or if this problem should ever come up, the FireFox browser has the add-on to allow you to open the page in Internet Explorer [yep, there's an app for that too]. So yes, it's best to keep IE regardless. Besides, Leo says I should keep it and that's good enough for me.

Glenn P.
November 15, 2011 2:28 PM

Wasn't there some yammering a few years ago about some version of Windows, available exclusively in Europe, that genuinely didn't  have IE installed at all, as a means of avoiding the "IE monopoly" issue...? Whatever became of that???

I believe what Microsoft removed was the outermost layer called "Internet Explorer" - so the "browser" was gone. The shared components of IE that were used by other programs had to remain in order for Windows to work.

Leo
17-Nov-2011
Michael
November 15, 2011 7:19 PM

I am also using Firefox as my primary browser with IE8 for backup. I hardly ever use IE during the normal course of the day/month/year. However, an important fact about IE is that, you MUST have IE in order to perform Mircrosoft Updates (or Windows Updates) in order check for any newly released changes, patches, updates, whatever. You cannot access MS updates with any other browser except for IE. Once I have found any new updates I will manually download them, install them manually and save the updates for later use if needed. I do not use the automated update function because I want to see what is being updated. Then, I can determine if I want to install them or not.

Sri
November 15, 2011 9:20 PM

If you are so insecure about IE, why not consider abandoning not just IE but Windows as well ;)

I did that in May 2010 and switched over to Linux (Ubuntu 9.10). Having an excellent experience since then - not a single failure, no security problems, no performance problems. Actually my laptop is performing much better with Linux.

Mark J
November 15, 2011 10:41 PM

@Glenn
In Europe IE comes with all versions of Windows. I think the EU dropped the lawsuit when MS showed that Windows couldn't work without IE. It is possible to get Windows without Windows Media Player, though.

Joe Beirne
December 21, 2011 1:11 PM

I read you article on the conseqences of deleting IE from my computer.

Microsoft IE writes information on every web site I ever visit in a number of the ".dat" files it writes to every time I visit a web site.

These are files that anyone having or somehow getting access to my computer an read, thereby being able to get information on every web site I ever visited.

It's for this and no other reason that I want to delete it from my system.

Some of the entries in these files are only overwritable by using a hex editor to replace the data written with "0"s (zeros), and that's a very time consuming process.

What are your comments on this? Please advise all of us about what we can do to eliminate this problem. Thank you.

JB


The .dat files are simply part of IE's history and cache. a) if you don't use IE then they should not be updated - uninstalling is not required. Even should it be updated by some inadvertant use of IE, clearing IE's history (with IE itself, or a tool like CCleaner, which can be automated) will also make it go away. As the article states the guts of IE are a part of Windows and cannot be deleted without potentially harming Windows itself.
Leo
21-Dec-2011

Southy
December 29, 2011 5:10 PM

One easy solution, use linux.

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.