Given the problems rolling out Windows XP Service Pack 2 (SP2), many of Microsoft's corporate customers are wondering how the standalone version of Internet Explorer (IE) 7.0 will affect them when it's released by year end. You might recall that with XP SP2, Microsoft provided a blocking toolkit that let businesses temporarily prevent the service pack from being automatically installed on user desktops. Will IE 7.0 provide a similar capability, and will it impact the support life cycle of XP or the other OSs on which it will run? Here's what you need to know about deploying IE 7.0.

It's Your Decision
Because of its significant security improvements, IE 7.0 will be distributed to Automatic Updates, Microsoft Update, Windows Update, and Windows Server Update Services (WSUS) as a high-priority update. Unlike other high-priority updates, however, the IE 7.0 installer will prompt users before automatically installing the new browser. Users will see three choices: Install, Don't Install, and Ask Me Later. There's no default installation choice. The window also provides information about IE 7.0's features and benefits to help users make the best choice for their particular situation.

"We're overriding the normal Automatic Updates settings," Gary Schare, director of Windows product management at Microsoft, told me. "It's an explicit opt-in, and if the user wishes to, they can uninstall it, as they can with the beta versions \[of IE 7.0\]."

Permanent Blocking
As with XP SP2, Microsoft has provided a free toolkit for businesses that wish to block the automatic delivery of IE 7.0 within their organizations. There are two major differences between the Internet Explorer 7 Blocker Toolkit and XP SP2's blocking mechanism.

First, IE 7.0 blocking is permanent, not temporary. If you choose Don't Install, the IE 7.0 update remains blocked unless you change the registry key value to accept the update. The reason, Schare told me, is that IE 7.0 doesn't replace IE 6. In contrast, when XP SP2 was released, it replaced XP SP1 in the XP support life cycle.

Second, when the XP SP2 blocking mechanism was released, businesses had only a short time to plan how they'd handle the release. With IE 7.0, Microsoft provided the blocker toolkit three to four months before making IE 7.0 available to the public, giving enterprises plenty of time to weigh the risks of IE 6 and decide whether to block or accept the upgrade to IE 7.0.

For more information about installing and using the Internet Explorer 7 Blocker Toolkit, see the Microsoft articles "Automatic Delivery of Internet Explorer 7" at http://www.microsoft.com/technet/updatemanagement/windowsupdate/ie7announcement.mspx and "Toolkit to Disable Automatic Delivery of Internet Explorer 7" at http://www.microsoft.com/downloads/details.aspx?FamilyId=4516A6F7-5D44-482B-9DBD-869B4A90159C. You can download IE 7.0 Beta 3 at http://www.microsoft.com/windows/ie/downloads/default.mspx.

Recommendations
The standalone version of IE 7.0 will be available for Windows Server 2003 SP1, Windows XP Professional x64 Edition, and XP SP2. Because it offers major functional improvements over its predecessor, IE 7.0 might be immediately dismissed by overcautious administrators. However, its security benefits are enormous. I recommend that all businesses begin assessing IE 7.0 right now—a Release Candidate 1 (RC1) version should be available at about the time of publication. Potential pitfalls include incompatibility with internal and intranet sites, but if those problems don't affect you, you should definitely plan to roll out IE 7.0.