Internet Explorer 7

Although changes have been made to Internet Explorer 7 (IE 7) to make it safer than IE 6, security issues remain and many of the same considerations discussed for IE 6 are also pertinent to IE 7. In fact, possible exploits using active scripting surfaced immediately after the release of IE 7 to the general public. The general discussion of security zones in IE that was given previously applies here and should be read for background. The recommended settings for the Internet security zone given below should be used together with a system of adding frequently visited sites that are known to be safe to the Trusted Zone.

There are quite a few settings, and the particular recommendations given in the table below are but one of many possible combinations. The recommended settings can be modified to suit a PC user’s particular pattern of surfing, so you may wish to experiment to find the combination that best suits your own purposes. For example, many pages use scripts and you may wish to allow certain aspects of scripting. Also, it is a common practice for pages to use META REFRESH for redirection, but it is also used by bad sites to trap your browser or to fool you. I have left it enabled but you may wish to disable it. Another setting that some may wish to disable is “File download”, although I have left it enabled.

The recommended settings below may not suit everybody and may even be irritating to some. Therefore, do not undertake to change anything on your computer unless you know how to get back to where you started.

Recommended settings for Internet security zone in Internet Explorer 7

| Category | Setting | Default | Recommended |
|---|---|---|---|
| .NET Framework | Loose XAML | Enable | Disable |
| | XAML browser applications | Enable | Disable |
| | XPS documents | Enable | Disable |
| .NET Framework-reliant components | Run components not signed with Authenticode | Enable | Disable |
| | Run components signed with Authenticode | Enable | Enable |
| ActiveX Controls and Plug-ins | Allow previously unused ActiveX controls to run without prompt | Disable | Disable |
| | Allow Scriptlets | Disable | Disable |
| | Automatic prompting for ActiveX controls | Disable | Disable |
| | Binary and script behaviors | Enable | Disable |
| | Display video and animation on a webpage that does not use external media player | Disable | Disable |
| | Download signed ActiveX controls | Prompt | Disable |
| | Download unsigned ActiveX controls | Disable | Disable |
| | Initialize and script ActiveX controls not marked as safe for scripting | Disable | Disable |
| | Run ActiveX controls and plug-ins | Enable | Disable |
| | Script ActiveX controls marked safe for scripting | Enable | Disable |
| Downloads | Automatic prompting for file downloads | Disable | Disable |
| | File download | Enable | Enable |
| | Font download | Enable | Disable |
| Enable .NET Framework setup | Enable .NET Framework setup | Enable | Disable |
| Miscellaneous | Access data sources across domains | Disable | Disable |
| | Allow META REFRESH | Enable | Enable |
| | Allow scripting of Internet Explorer web browser control | Disable | Disable |
| | Allow script-initiated windows without size or position constraints | Disable | Disable |
| | Allow webpages to use restricted protocols for active content | Prompt | Disable |
| | Allow websites to open windows without address or status bars | Disable | Disable |
| | Display mixed content | Prompt | Disable |
| | Don’t prompt for client certificate selection when no certificates or only one certificate exists | Disable | Disable |
| | Drag and drop or copy and paste files | Enable | Disable |
| | Include local directory path when uploading files to a server | Enable | Disable |
| | Installation of desktop items | Prompt | Disable |
| | Launching applications and unsafe files | Prompt | Disable |
| | Launching programs and files in an IFRAME | Prompt | Disable |
| | Navigate sub-frames across different domains | Disable | Disable |
| | Open files based on content, not file extension | Enable | Enable |
| | Software channel permissions | Medium safety | High safety |
| | Submit non-encrypted form data | Enable | Disable |
| | Use Phishing Filter | Enable | Enable |
| | Use Pop-up Blocker | Enable | Enable |
| | Userdata persistence | Enable | Disable |
| | Websites in less privileged web content zone can navigate into this zone | Enable | Disable |
| Scripting | Active scripting | Enable | Disable |
| | Allow Programmatic clipboard access | Prompt | Disable |
| | Allow status bar updates via script | Disable | Disable |
| | Allow websites to prompt for information using scripted windows | Disable | Disable |
| | Scripting of Java applets | Enable | Prompt |
| User Authentication | Logon | Automatic logon only in Intranet zone | Automatic logon only in Intranet zone |
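Before changing anything, it helps to record where you started. The following read-only PowerShell script is an added example, not part of the original article: it compares a subset of the current user's Internet zone settings with the recommendations in the table above and saves the result. The registry path and numeric action IDs are the standard Windows locations for these settings and do not appear on this page; the output file name is an assumption.

```powershell
# Added example: read-only audit of the Internet zone (zone 3) for the current user.
# Assumption: settings are stored per user under this key (not taken from the article).
$zoneKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'

# Stored DWORD values: 0 = Enable, 1 = Prompt, 3 = Disable
$label = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }

# Action ID, setting name, and the value recommended in the table above
$recommended = @(
    @{ Id = '1001'; Name = 'Download signed ActiveX controls';                  Want = 3 },
    @{ Id = '1200'; Name = 'Run ActiveX controls and plug-ins';                 Want = 3 },
    @{ Id = '1405'; Name = 'Script ActiveX controls marked safe for scripting'; Want = 3 },
    @{ Id = '1400'; Name = 'Active scripting';                                  Want = 3 },
    @{ Id = '1402'; Name = 'Scripting of Java applets';                         Want = 1 },
    @{ Id = '1407'; Name = 'Allow Programmatic clipboard access';               Want = 3 },
    @{ Id = '1601'; Name = 'Submit non-encrypted form data';                    Want = 3 },
    @{ Id = '1604'; Name = 'Font download';                                     Want = 3 },
    @{ Id = '1608'; Name = 'Allow META REFRESH';                                Want = 0 },
    @{ Id = '1609'; Name = 'Display mixed content';                             Want = 3 },
    @{ Id = '1803'; Name = 'File download';                                     Want = 0 },
    @{ Id = '1806'; Name = 'Launching applications and unsafe files';           Want = 3 },
    @{ Id = '2000'; Name = 'Binary and script behaviors';                       Want = 3 }
)

$values = Get-ItemProperty -Path $zoneKey -ErrorAction Stop

$report = foreach ($r in $recommended) {
    $raw = $values.($r.Id)                      # $null when the value is absent
    if ($null -eq $raw)                         { $now = '(not set)' }
    elseif ($label.ContainsKey([int]$raw))      { $now = $label[[int]$raw] }
    else                                        { $now = "raw value $raw" }

    New-Object PSObject -Property @{
        Id          = $r.Id
        Setting     = $r.Name
        Current     = $now
        Recommended = $label[$r.Want]
        Match       = ($raw -eq $r.Want)
    }
}

$report | Select-Object Id, Setting, Current, Recommended, Match | Format-Table -AutoSize

# Keep a copy of the starting state so changes can be reversed later
# (hypothetical file name)
$report | Select-Object Id, Setting, Current, Recommended, Match |
    Export-Csv -Path "$env:USERPROFILE\ie-zone3-before.csv" -NoTypeInformation
```

The script only reads the per-user values; settings enforced by policy are stored elsewhere and are not reflected in this report.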
