Making Internet Explorer safer

By | August 25, 2007

Since switching from Internet Explorer to Mozilla Firefox two years ago, I’ve had better surf speeds and less trouble with spyware. It’s not that Firefox is the best Web browser; but overall, Firefox is relatively better in most aspects except for the resource usage part.

If you want to use Internet Explorer, you can try a few things to make it more secure. The biggest gripe people have with IE is its security loopholes, which have so far compelled Microsoft to issue many updates. Most of the time, those updates have to do with Internet Explorer vulnerabilities.

If you are using Internet Explorer 7, there are some security settings in IE 7 you can adjust. In your Control Panel > Internet Options in Windows XP, click the Security tab and click on the Custom Level button.

In Custom Level, there is a list of settings which you can tweak to increase your IE browser security. Most of these are auto-enabled if you choose Medium security level, but some are not. It might not be right for everyone (higher security settings are more annoying), so this is just a recommendation.

You can always reset the settings to default. Some of the options are not present in IE 6; as I understand, many people have yet to upgrade to IE 7, so this list includes a few IE 6-specific options as well. Feel free to experiment 🙂

  • Loose XAML – disable
  • XAML browser applications – disable
  • XPS documents – disable
  • Run components signed/not signed with Authenticode – disable
  • Allow previously unused ActiveX controls to run without prompt – disable
  • Allow Scriptlets – disable
  • Automatic prompting for ActiveX controls – disable
  • Binary and script behaviors – disable
  • Display video and animation on a webpage that does not use external media player – disable
  • Download signed/unsigned ActiveX controls – disable for both
  • Initialize and script ActiveX controls not marked as safe – disable
  • Run ActiveX controls and plug-ins – disable
  • Script ActiveX controls marked safe for scripting – disable
  • Automatic prompting for file downloads – disable
  • File download – enable
  • Font download – prompt
  • Enable .NET Framework setup – disable
  • Java permissions – high safety
  • Access data sources across domains – disable
  • Allow META REFRESH – enable
  • Allow scripting of Internet Explorer Webbrowser control – disable
  • Allow script-initiated windows without size or position constraints – disable
  • Allow web pages to use restricted protocols for active content – disable
  • Allow websites to open windows without address or status bars – disable
  • Display mixed content – prompt
  • Don’t prompt for client certificate selection when no certificates or only one certificate exists – disable
  • Drag and drop or copy and paste files – disable
  • Include local directory path when uploading files to a server – disable
  • Installation of desktop items – disable
  • Launching applications and unsafe files – disable
  • Launching programs and files in an IFRAME – disable
  • Navigate sub-frames across different domains – disable
  • Open files based on content, not file extension – enable
  • Software channel permissions – high safety
  • Submit nonencrypted form data – enable
  • Use Phishing Filter – enable
  • Use Pop-up Blocker – enable
  • Userdata persistence – enable
  • Web sites in less privileged web content zone can navigate into this zone – enable
  • Active Scripting – disable
  • Allow Programmatic clipboard access – prompt
  • Allow status bar updates via script – disable
  • Allow websites to prompt for information using scripted windows – disable
  • Allow paste operations via script – disable
  • Scripting of Java applets – enable
  • Logon – Automatic logon only in Intranet zone
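To check whether a machine still matches a few of these recommendations after an update or a reset, the zone settings can be exported with regedit and compared against the list. The script below is an added example, not part of the original post: it assumes the Internet zone (zone 3 under the per-user Zones registry key), uses the action codes Microsoft documents for that key, covers only part of the list, and runs on a constructed sample export; `parse_zone` and `audit` are hypothetical helper names.

```python
import re

# Action codes Microsoft documents for the per-zone registry key (ZONES below).
# Expected values follow the list above: 0 = enable, 1 = prompt, 3 = disable.
BASELINE = {
    "1001": ("Download signed ActiveX controls", 3),
    "1200": ("Run ActiveX controls and plug-ins", 3),
    "1201": ("Initialize and script ActiveX controls not marked as safe", 3),
    "1400": ("Active Scripting", 3),
    "1604": ("Font download", 1),
    "1803": ("File download", 0),
    "1A00": ("Logon (automatic only in Intranet zone)", 0x20000),
    "1C00": ("Java permissions (high safety)", 0x10000),
}
ZONES = r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones"
DWORD = re.compile(r'"([0-9A-Fa-f]{4})"=dword:([0-9A-Fa-f]{8})')
# Constructed sample in .reg export syntax (not taken from a real machine).
SAMPLE_REG = f"""Windows Registry Editor Version 5.00
[{ZONES}\\1]
"1400"=dword:00000000
[{ZONES}\\3]
"1001"=dword:00000003
"1200"=dword:00000000
"1201"=dword:00000003
"1400"=dword:00000000
"1604"=dword:00000001
"1803"=dword:00000000
"1A00"=dword:00020000
"""

def parse_zone(reg_text, zone="3"):
    """Return {action code: value} for one zone key of a .reg export."""
    values, in_zone = {}, False
    for line in map(str.strip, reg_text.splitlines()):
        if line.startswith("["):
            in_zone = line.lower() == f"[{ZONES}\\{zone}]".lower()
        elif in_zone and (m := DWORD.fullmatch(line)):
            values[m.group(1).upper()] = int(m.group(2), 16)
    return values

def audit(reg_text, zone="3"):
    """Return (code, setting, expected, actual) per deviation; actual is None if unset."""
    actual = parse_zone(reg_text, zone)
    return [(code, name, want, actual.get(code))
            for code, (name, want) in sorted(BASELINE.items())
            if actual.get(code) != want]

if __name__ == "__main__":
    print(*audit(SAMPLE_REG), sep="\n")
```

On the sample it reports ActiveX controls and Active Scripting as still enabled and the Java permissions value as unset. Files saved by regedit are normally UTF-16, so read a real export with `encoding="utf-16"`.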