Security Updates -- Are they necessary in Linux for user?

[monty19@ hotmail.com]

>One question: Do the security updates have to be installed immediately 
>after install? What happens if,. e.g install Firefox 2.0 over Firefox 1.5 
>(the current version). Do I still need to install the security update for 
>Firefox? Or should I first install the security update and then update 
>Firefox to the latest 2.x version?

You can remove Firefox 1.5 if no other software on your system (or no 
software you need) requires it.  You can run "rpm -q --whatrequires firefox" 
to see what software is reliant on the Firefox package.  If you want you can 
remove firefox and any dependant packages with "rpm -e <package1> <package2> 
..."

You can update the Firefox package, and install firefox 2.0 from 
mozilla.org.  Just make sure you install it in a directory that won't 
overwrite files from the rpm package; if an update comes down the line at a 
later date for the installed package, you could easily wreck your 2.0 
install.

You could also update to firefox 2.0 using a 3rd party repository.

Regardless though you should keep all packages on your system up to date.  
If you install 2.0 from mozilla.org, someone could accidentally run the 
version installed by the package and accidentally visit a malicious website 
(no matter how small the chance...)

And stay mindful of the fact that if you install 2.0 from mozilla.org you 
will have to keep an eye out for updates, as fedora will not be updating 
your install from there.  That will be your responsibility.