Making Internet Explorer More Secure
Many security experts today are saying that Microsoft's browser, Internet Explorer, is not safe to use on the internet. This is due to its record with so many security vulnerabilities. This may be true in the short term, but in the long run, it is possible that similar vulnerabilities may be found in other browsers as they become more popular. This article gives some setting changes that will reduce the vulnerability of Internet Explorer.
Disable install on demand
- Close all Internet Explorer and Outlook Express instances.
- Either right click your Internet Explorer icon on your desktop or open your Control Panel (Start - Settings - Control Panel) and double click the "Internet Options" icon. The "Internet Properties" dialog box should appear.
- Click on the "Advanced" tab. The dialog box should look similar to the one shown below.
- Under "Browsing", about nine items down, uncheck the box "Enable install on demand (Internet Explorer)" and uncheck "Enable install on demand (Other)".
- Click "OK" to exit and save the changes.
After doing this, the automatic updates for Internet Explorer will require manual intervention but the additional security level is worth this inconvenience.
Set your browser to prompt you to run ActiveX, Java, and plugins
This can be irritating because on many websites you will need to approve these programs to run, but having the settings this way can prevent a disaster with malware. You can also adjust your settings and put trusted sites in the trusted zone where you can allow this active content to run. Here is the procedure:
- On your browser menu, click on "Tools", and select "Internet Options".
- Select the Security Tab.
- Be sure the Internet Zone is selected and click on the "Custom Level" button.
- Set your Active X controls and plugins section as follows:
- Download signed ActiveX controls - Prompt
- Download unsigned ActiveX controls - Disable
- Initialize and script ActiveX controls not marked as safe - Disable
- Run ActiveX controls and plugins - Prompt
- Script ActiveX controls marked safe for scripting - Prompt
- Under Miscellaneous Settings, check the following:
- Access data sources across domains - Disable
- Installation of desktop items - Prompt
- Launching programs and files in a IFRAME - Prompt
- Navigate sub-frames across different domains - Prompt
- Click the "OK" button to save your settings. When asked "Are you sure you want to change the security settings for thei zone?", click "Yes".
Check to be sure your settings are not allowing untrusted publishers to install software on your system without asking you. Click on the "Content" tab.
Click the "Publishers Button.
Remove any publishers that you do not recognize.
Use Sun's Java
Install the Java from Sun Microsystems or upgrade Microsoft's version of Java to version 3810 or later. Preferably change to Sun's Java since the Microsoft Java virtual machine is being phased out. See the article about how Microsoft is switching to use Sun's Java at http://www.microsoft.com/mscorp/java/
You can get Sun's Java at on of the two links below:
Author: Mark Zehner - September 6, 2004