Internet Explorer 10 Delivery Through Automatic Updates
Microsoft Internet Explorer 10 makes browsing the web faster, easier, safer, and more reliable than ever. To help customers become more secure and up-to-date, Microsoft will distribute Internet Explorer 10 through Automatic Updates and the Windows Update and Microsoft Update sites. Internet Explorer 10 will be available for users of the 32-bit and 64-bit versions of Windows 7 Service Pack 1 (SP1), and 64-bit version of Windows Server 2008 R2 SP1. This article provides an overview of the delivery process and options available for IT administrators to control how and when Internet Explorer 10 is deployed to their organization through Automatic Updates.
On This Page
- Automatic Updates Delivery Process
- Internet Explorer 10 Automatic Upgrades
- Options for Blocking Automatic Delivery
- Availability of Internet Explorer 10
- Preventing Automatic Installation of Internet Explorer 10 with WSUS
Automatic Updates Delivery Process
Automatic Updates will only offer Internet Explorer 10 to users with local administrator accounts. Automatic Updates will automatically download and install Internet Explorer 10 when it is available for Automatic Updates delivery. There will be no notification or prompt to indicate the installation process. Users who are not local administrators will not be prompted to install the update and will thus continue their currently installed version of Internet Explorer.
Internet Explorer 10 will replace Internet Explorer 8 or Internet Explorer 9 on a user's computer. However, users may roll back to Internet Explorer 8 or Internet Explorer 9 by uninstalling Internet Explorer 10. Windows 7 and Windows Server 2008 can uninstall through the Windows Control Panel Programs and Features utility under the View installed updates option.
.jpg) | Note: If a user has installed Internet Explorer 10 and subsequently removes it, Automatic Updates will not re-offer Internet Explorer 10 to that computer. Internet Explorer 10 will no longer be presented by Automatic Updates. |
Internet Explorer 10 Automatic Upgrades
Internet Explorer 10 will be available as an “Important” update through the Automatic Update feature of Windows Update. Users of Windows 7 Service Pack 1, who have opted to download and install updates automatically through Windows Update (recommended setting), will automatically be upgraded to Internet Explorer 10.
If a user who had been automatically upgraded to Internet Explorer 10 decides to uninstall Internet Explorer 10, Internet Explorer 10 will be made available as an optional update through Windows Update.
If a user who had been automatically upgraded to Internet Explorer 10 decides to uninstall Internet Explorer 10, Internet Explorer 10 will be made available as an optional update through Windows Update.
Options for Blocking Automatic Delivery
Microsoft recommends that organizations that use Automatic Updates in their environments and wish to prevent users from automatically receiving Internet Explorer 10 take one or more of the following steps:
- Download and deploy the Internet Explorer 10 Blocker Toolkit. The non-expiring Blocker Toolkit is available from the Microsoft Download Center. It includes both a Group Policy template and a script that set a registry key to prevent Automatic Updates and the Windows Update and Microsoft Update sites from offering Internet Explorer 10 as a high-priority update.
Note:
The Blocker Toolkit will not prevent users who are local administrators from manually installing Internet Explorer 10 from, for example, external media or the Microsoft Download Center. Using the Internet Explorer 10 Blocker Toolkit also prevents your users from receiving automatic upgrades from Internet Explorer 8 or Internet Explorer 9 to Internet Explorer 10. For more information, see the Internet Explorer 10 Blocker Toolkit Frequently Asked Questions. - Deploy an update management solution that provides full control over the updates deployed to computers in your network. Microsoft offers the free Windows Server Update Services (WSUS) and the more advancedSystem Center 2012 Configuration Manager update management products. IT administrators that use an update management solution should use the standard features of their product (rather than the Blocker Toolkit) to control Internet Explorer 10 distribution.
Note:
If your organization uses WSUS to manage updates, and Update Rollups are configured for automatic installation, Internet Explorer will automatically install throughout your organization. This scenario is discussed in detail in the Knowledge Base article here.
Additional information on Internet Explorer 10, including a Readiness Toolkit, technical overview, in-depth feature summary, and Internet Explorer 10 download is available on the Internet Explorer 10 product page and on the Springboard Series for Internet Explorer 10 on TechNet.
Availability of Internet Explorer 10
Distribution of Internet Explorer 10 by Automatic Updates will begin shortly after the final release of the product, which is expected in 2013. The specific dates for the release of Internet Explorer 10 have not been finalized. Internet Explorer 10 will be distributed through Configuration Manager, Microsoft Systems Management Server, and WSUS.
Preventing Automatic Installation of Internet Explorer 10 with WSUS
Microsoft will release the Internet Explorer 10 Installation and Availability update to Windows Server Update Services (WSUS) marked as an Update Rollup package. If you have configured WSUS to "auto-approve" Update Rollup packages (this is not the default configuration), Internet Explorer 10 will be automatically approved for installation and consequently, you may want to take the actions below to manage how and when this update is installed. The Internet Explorer Blocker Toolkit blocks only installation that occurs by using Windows Update and Automatic Update. The toolkit does not block distribution that occurs by using WSUS. You will need to take action if:
- You use WSUS to manage updates in your organization.
- You have Windows 7 SP1-based computers or Windows Server 2008 R2 SP1-based computers that have Internet Explorer 8 or Internet Explorer 9 installed.
- You do not want to upgrade Internet Explorer 8 or Internet Explorer 9 computers to Internet Explorer 10 at this time.
- You have configured WSUS to auto-approve Update Rollups for installation.
The following steps will temporarily modify the auto-approval that you may have created to ensure that packages classified as Update Rollups are not automatically approved for installation. These steps are the steps for WSUS 3.0. For WSUS 2.0 please refer to the product documentation.
- Click Start, click Administrative Tools, and then click Microsoft Windows Server Update Services 3.0.
- Expand ComputerName, and then click Options.
- Click Automatic Approvals.
- Click the rule that automatically approves an update that is classified as Update Rollup, and then click Edit.Note:
The properties for this rule will resemble the following:- When an update is in Update Rollups
- Approve the update for all computers
- Click the Update Rollups property under the Step 2: Edit the properties (click an underlined value) section.
- Clear the Update Rollup check box, and then click OK.
- Click OK to close the Automatic Approvals dialog box.
| Note: If you do not see a rule that resembles step 4, you have not configured WSUS to automatically approve Update Rollups for installation. Therefore, no further action is required. |
The steps above ensure Internet Explorer 10 is not automatically approved for installation. After the Internet Explorer 10 package is available for download, you should manually synchronize the new package to your WSUS server so that when you re-enable auto-approval for Update Rollups it will not be installed. These steps are the steps for WSUS 3.0. For WSUS 2.0 please refer to the product documentation.
- Click Start, click Administrative Tools, and then click Microsoft Windows Server Update Services 3.0.
- Expand ComputerName, and then click Synchronizations.
- Click Synchronize Now.
- Expand ComputerName, expand Updates, and then click All Updates.
- Choose Unapproved in the Approval dropdown.
- Ensure that Microsoft Internet Explorer 10 is listed as an unapproved update.
Note: There may be multiple updates listed depending on the language and operating system updates you imported.
Optional
If the business needs of your organization require that Update Rollups packages are set to auto-approve, you can change your settings back to auto-approve in the Update Services Microsoft Management Console Snap-in. To do this, follow these steps:
- Click Start, click Administrative Tools, and then click Microsoft Windows Server Update Services 3.0.
- Expand ComputerName, and then click Options.
- Click Automatic Approvals.
- Click the rule that automatically approves updates of different classifications, and then click Edit.
- Click the Update Rollups property under the Step 2: Edit the properties (click an underlined value) section.
- Enable the Update Rollups check box, and then click OK.
- Click OK to close the Automatic Approvals dialog box.
| Note: Because auto-approval rules are only evaluated when an update is first imported into WSUS turning this rule back on after the Internet Explorer 10 update has been imported/synchronized to the server will not cause the auto-approval of this update |
No comments:
Post a Comment