Yeah I would not recomend doing that. It could potentially crash some functions. I believe IE is used for some "pretty" rendering capabilities and functions. If you want to restrict web browsing you can set a system policy. That is the extreme way. But I always count on users finding a way to do something so I go with the previous suggestion of installing anti-spyware and make sure IE is at the IE 7 version.

There are a lot of nice things in there that protect users just like SP2.

So the rule of thumb is to install ALL patches (at least the ones that don't break any applications) and update the browser to the latest version & patch level. That way the risk is minimized..

Windows defender is not bad at all. Also Spybot S&D is good too. When I get people that are infected, I always run those two first. Usually most things are gone after running those.