PC users who employ Internet Explorer 6 as an Internet browser
should seriously consider strengthening the security settings, especially
the ones concerning ActiveX and scripting. This is of particular concern
to those still using Windows 98/Me, who will not receive
the improved safety of newer versions of Internet Explorer.
The Internet zone holds every site that has not been specifically placed in another zone.
Thus, the settings for this zone control most of the sites that you
will go to on the Internet. Please be aware that increased security has
a cost and that the settings given here will cause some sites to stop working
properly. In particular, ActiveX and scripting have been disabled.
Sites using these technologies will be crippled. This keeps the bad guys
out but may interfere with one of your favorite sites. If a site is safe
and is one that you use frequently, place it in the Trusted sites zone,
where ActiveX and scripting are enabled. Instructions on how to do that
are on this page.
There are quite a few settings and the particular recommendations given in
the table below are but one of many possible combinations. The recommended
settings can be modified to suit a PC user's particular pattern of surfing.
Thus, you may wish to experiment to find a combination best for your own
purposes. For example, many pages use scripts and you may wish to allow
that. Also, it is a common practice for pages to use META REFRESH for redirection.
It is also used by bad sites to trap your browser. I have left it
enabled but you may wish to disable it.
Settings for Internet security zone in Internet Explorer 6
(Red background indicates settings found only in Windows XP SP2)

| Category | Setting | Default | Recommended |
|---|---|---|---|
| .NET Framework-reliant components (Not present in all systems) | Run components not signed with Authenticode | Enable | Disable |
| | Run components signed with Authenticode | Enable | Enable |
| ActiveX Controls and Plug-ins | Download signed ActiveX controls | Prompt | Disable |
| | Download unsigned ActiveX controls | Disable | Disable |
| | Initialize and script ActiveX controls not marked as safe | Disable | Disable |
| | Run ActiveX controls and plug-ins | Enable | Disable |
| | Script ActiveX controls marked safe for scripting | Enable | Disable |
| | Automatic prompting for ActiveX controls | Disable | Disable |
| | Binary and script behaviors | Enable | Disable |
| Downloads | File download | Enable | Enable |
| | Font download | Enable | Disable |
| | Automatic prompting for file downloads | Disable | Disable |
| Microsoft VM (only older systems) | Java permissions | High safety | High safety |
| Miscellaneous | Access data sources across domains | Disable | Disable |
| | Allow META REFRESH | Enable | Enable |
| | Display mixed content | Enable | Disable |
| | Don't prompt for client certificate selection when no certificates or only one certificate exists | Disable | Disable |
| | Drag and drop or copy and paste files | Enable | Disable |
| | Installation of desktop items | Prompt | Disable |
| | Launching programs and files in an IFRAME | Prompt | Disable |
| | Navigate sub-frames across different domains | Disable | Disable |
| | Software channel permissions | Medium safety | Maximum safety |
| | Submit nonencrypted form data | Enable | Enable |
| | Userdata persistence | Enable | Disable |
| | Allow scripting of Internet Explorer Webbrowser control | Disable | Disable |
| | Allow script-initiated windows without size or position constraints | Disable | Disable |
| | Allow Web pages to use restricted protocols for active content | Prompt | Disable |
| | Open files based on content, not file extension | Enable | Enable |
| | Use Pop-up Blocker | Enable | Enable |
| | Web sites in less privileged web content zone can navigate into this zone | Enable | Disable |
| Scripting | Active scripting | Enable | Disable |
| | Allow paste operations via script | Enable | Disable |
| | Scripting of Java applets | Enable | Prompt |
| User Authentication | Logon | Automatic logon only in Intranet zone | Automatic logon only in Intranet zone |

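One way to check a PC against the Recommended column, added here as an example and not part of the original page: the script reads a registry export of the Internet zone and lists the settings that differ. The registry key, the numeric value names and the 0/1/3 encoding are assumptions taken from Microsoft's documented zone registry layout, the sample export is constructed, and only ten of the table's settings are covered.

```python
import re
# Recommended column of the table above, keyed by the zone's registry value name.
# Value names and the 0/1/3 encoding are assumptions (Microsoft's zone layout).
ENABLE, PROMPT, DISABLE = 0, 1, 3
NAMES = {ENABLE: "Enable", PROMPT: "Prompt", DISABLE: "Disable"}
RECOMMENDED = {
    "1001": ("Download signed ActiveX controls", DISABLE),
    "1004": ("Download unsigned ActiveX controls", DISABLE),
    "1200": ("Run ActiveX controls and plug-ins", DISABLE),
    "1201": ("Initialize and script ActiveX controls not marked as safe", DISABLE),
    "1400": ("Active scripting", DISABLE),
    "1402": ("Scripting of Java applets", PROMPT),
    "1405": ("Script ActiveX controls marked safe for scripting", DISABLE),
    "1604": ("Font download", DISABLE),
    "1608": ("Allow META REFRESH", ENABLE),
    "1803": ("File download", ENABLE),
}
VALUE = re.compile(r'"([0-9A-Fa-f]{4})"=dword:([0-9A-Fa-f]{8})$')

# Constructed sample export: zone 3 = Internet, zone 2 = Trusted sites (ignored).
SAMPLE_EXPORT = r'''
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
"1001"=dword:00000001
"1200"=dword:00000000
"1400"=dword:00000003
"1402"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2]
"1400"=dword:00000000
'''

def audit_zone3(reg_text):
    """Return (id, setting, found, recommended) for each Internet-zone deviation."""
    found, in_zone3 = {}, False
    for line in map(str.strip, reg_text.splitlines()):
        if line.startswith("["):  # a new key starts; only zone 3 values count
            in_zone3 = line.lower().endswith(r"\internet settings\zones\3]")
        m = VALUE.match(line) if in_zone3 else None
        if m:
            found[m.group(1).upper()] = int(m.group(2), 16)
    report = []
    for action, (name, want) in sorted(RECOMMENDED.items()):
        have = found.get(action)
        if have != want:
            label = NAMES.get(have, "not in export" if have is None else hex(have))
            report.append((action, name, label, NAMES[want]))
    return report

if __name__ == "__main__":
    print("\n".join("%s  %s: found %s, recommended %s" % r for r in audit_zone3(SAMPLE_EXPORT)))
```

A setting reported as "not in export" was absent from the exported text, so its effective value still has to be confirmed in the Security Settings dialog.
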
The settings can always be returned to the default values by using the "Default Level"
button shown in the figure below.