Internet Explorer 6 Security- the Local or “My Computer” Zone

Description of the “My Computer” or local Internet security zone

The “My Computer” zone is the local computer zone, which governs the security settings for opening HTML pages stored on your own system. These locally stored pages are deemed to be safe, which is normally a reasonable assumption. Also local pages may need access to the resources such as files that are located on your system and are therefore given a high degree of trust.

Unfortunately, there are a large number of cross-zone vulnerabilities, which writers of malware such as viruses, worms, etc. may use to their advantage. To help plug these security holes, one of the security changes made in the Windows XP Service Pack 2 update locks down the  “My Computer” zone to control the running of scripts and ActiveX components. This increased security comes at a cost, however, since certain applications are thereby broken.

Configuring the “My Computer” Internet security zone

Users of older Windows operating systems will not receive the security updates for Internet Explorer that the Windows XP SP2 contains. In these cases it may be desirable to be able to configure the settings for the “My Computer” zone. (The following procedures do not apply to IE 6 in Windows XP SP2 or to IE 7.)

Configuring Internet Explorer zones is done through the “Tools- Internet Options ” menu. (A tutorial is available on another page.) The zone for “My Computer” is normally hidden but it can be made visible by editing the Registry so that this zone appears on the Security tab in the Internet Options dialog box, as shown below.

zone5

The Registry settings that have to be changed to make this zone visible are given in an article in the Microsoft Knowledge Base . The key that has to be edited for a particular user account is

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0

The key to be edited if all user accounts are to have this zone visible is

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0

Within the key is a DWORD value “Flags”. Setting the data value of the Flags value to 47 (in hexadecimal) causes the “My Computer”security zone to be displayed. Setting the data value of the Flags value to 21 (in hexadecimal) causes the “My Computer” security zone to be hidden.

Editing the Registry can be a parlous project so be sure to back up the Registry first. For those who understand how to use REG files, copy the text below, paste into Notepad, and save as “showmycomputer.reg” or name of your choice. Only those who can return their computer to a previous state should try this.

Makes “My Computer” security zone visible
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0]

"Flags"=dword:00000047

To reverse the process and hide the zone “My Computer”, use the following script

Hides “My Computer” security zone
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0]

"Flags"=dword:00000021

For details about strengthening the security of the Local Machine or My Computer zone consult this Microsoft article.

Leave a Reply

Your email address will not be published. Required fields are marked *