Sunday, September 07, 2008   
  Search  
 
 
Register  Login  
Forums  
     Minimize  

Welcome to MeraWindows forums.

Thank you for being at the Microsoft Windows Community Site. You may have to register before posting in forums. It's absolutely free. After registering, you can get all the benefits available to our registered members, you can access our Downloads section, you can participate in contests, etc. You can post in forums in English as well as in Hindi, in fact we encourage you to use Hindi in your posts. If you have any problem with registration or login, please contact us.
     
  


 
  Microsoft Windows Forums  Windows Applica...  Internet Explor...  Internet Explorer Security Zone Restrictions
Previous Previous
 
Next Next
New Post 8/14/2007 5:30 PM
User is offline Parul
356 posts
Advanced Member


Internet Explorer Security Zone Restrictions 

Security levels and zones are core parts of Internet Explorer’s security features. You can display security options for Internet Explorer by clicking Tools, selecting Internet Options, and then clicking the Security tab in the Internet Options dialog box.

By default, Internet Explorer always runs in protected mode. You can enable or disable protected mode by selecting or clearing the Enable Protected Mode check box. The standard levels of security that you can use are:

  • High This level is appropriate for sites that might contain harmful content. Internet Explorer runs in its highest protected mode with maximum safeguards and in which less secure features are disabled.

  • Medium-high This level is appropriate for most sites. Internet Explorer prompts you prior to downloading potentially unsafe contents and disabling downloading of unsigned ActiveX controls.

      Note:

    Medium-high is a new security level in Internet Explorer 7, and it is also the default level for the Internet security zone.

  • Medium This level is appropriate only for trusted sites. In this mode, Internet Explorer prompts you prior to downloading potentially unsafe contents and disables downloading of unsigned ActiveX controls.

  • Medium-low This level is appropriate only for sites on your internal network. In this mode, Internet Explorer runs most types of content without prompting but does disable downloading of unsigned ActiveX controls.

  • Low This level is appropriate only for sites you absolutely trust, such as secure internal sites. In this mode, Internet Explorer uses minimal safeguards, and most content is downloaded and run without prompts.

To help you manage when the various security levels should be used, Internet Explorer defines four standard security zones:

  • Internet This zone is for Internet sites, except those listed in trusted and restricted zones. By default, the Internet zone uses medium-high security.

  • Local Intranet This zone is for all sites that are on your internal network (intranet). By default, the Local Intranet zone uses medium-low security.

  • Trusted Sites This zone is for all sites that you have specifically identified as trusted and requiring the lowest level of safeguarding against possible damage. By default, the Trusted Sites zone uses a custom security level that is close to medium security.

  • Restricted Sites This zone is for all sites that you have identified as restricted and requiring the highest level of safeguarding against possible damage. By default, the Restricted Sites zone uses high security.

You can change the default behavior by setting a new security level for a zone, if permitted. For example, you could increase security for the Internet zone by setting the security level to High. With any security levels except Restricted Sites, you can set a custom security level as well. With a custom security level, you configure individual security settings for content and downloads in any way desired.

In addition to creating the new medium-high security level, Internet Explorer prevents you from using certain security levels in some security zones. When working with security zones and levels, you’ll need to keep the following in mind:

  • In the Internet security zone, only the high, medium-high, and medium security levels are available. However, you can set a custom security level that is less secure. If you select the Internet zone and click the Default Level button, the security level is set to Medium-High.

  • In the Local Intranet security zone, any of the security levels can be used. If you select the Local Intranet zone and click the Default Level button, the security level is set to Medium-Low.

  • In earlier versions of Internet Explorer, trusted sites use a custom low security level. Now trusted sites use a custom medium security level by default. If you select the Trusted Sites zone and click the Default Level button, the security level is set to Medium.

  • In earlier versions of Internet Explorer, restricted sites use a custom high security level that you can reset to any other security level. Now restricted sites use a nonconfigurable high security level. However, you can set a custom security level that is less secure.

    For the Internet and Restricted Sites zones, Internet Explorer displays a warning on the information bar specifying that your security settings put your computer at risk if you use a custom security level lower than the default security level. You can restore the default security level by right-clicking the information bar and then selecting Fix Settings For Me. When prompted, click Fix Settings to restore the defaults.

Posted in Vista | No Comments »

Understanding Internet Explorer Protected Mode

July 9th, 2007

Unlike earlier versions of Internet Explorer, which have access to the operating system and running applications, Internet Explorer 7 operates in a protected mode, which isolates it from other applications in the operating system and prevents add-ons from writing content in any location beyond temporary Internet files folders without explicit user consent. Isolating Internet Explorer from other applications and restricting write locations prevents many types of malicious software from exploiting the computer. To further protect Windows Vista computers from malicious software, many other safeguards are in place, including:

  • Add-on restrictions

  • Domain and URL restrictions

  • Security zone restrictions

 

Understanding the Internet Explorer Add-Ons Restrictions

By default, ActiveX controls that can run in Internet Explorer 7 are limited. Preinstalled ActiveX controls are disabled by default to prevent potentially vulnerable controls from being exposed to attack. Internet Explorer also has a special Add-Ons Disabled mode in which all browser extensions and add-ons are disabled (except for critical add-ons that are part of the browser core components). To start Internet Explorer in Add-Ons Disabled mode, click Start, point to All Programs, Accessories, System Tools, and click Internet Explorer (No Add-Ons), or rightclick the Internet Explorer icon on the desktop and select Internet Explorer (No Add-Ons).

Internet Explorer 7 also makes its easier for you to manage installed add-ons by using the Manage Add-Ons dialog box. These changes allow you to easily determine which add-ons have been downloaded and installed as well as which add-ons are currently loaded in Internet Explorer. Most downloaded add-ons can be easily disabled and deleted as well.

To view and manage downloaded add-ons, follow these steps:

  1. In Internet Explorer, click Tools, click Manage Add-Ons, and then select Enable Or Disable Add-Ons.

  2. In the Show drop-down list, select Downloaded ActiveX Controls.

  3. Click the downloaded add-on you want to work with.

  4. To disable the add-on, click Disable. The add-on is then prevented from running in Internet Explorer.

  5. To delete the downloaded add-on, click Delete ActiveX. The add-on is then permanently removed from Internet Explorer

 

Understanding the Internet Explorer Domain and URL Restrictions

Internet Explorer 7 supports both standard English domain names and internationalized domain names. English domain names are domain names represented using the letters A–Z, the numerals 0–9 and the hyphen. Internationalized domain names are domain names represented using native language characters.

Because Internet Explorer supports internationalized domain names, Microsoft wanted to find a way to help ensure that international characters aren’t used to make a site seem like something it isn’t. This is where international domain name anti-spoofing comes into the picture. International domain name anti-spoofing is designed to protect you against sites that could otherwise appear as known, trustworthy sites. If you visit a site that uses characters that are visually similar to a known trusted site, Internet Explorer displays a warning notification.

Another protection added to Internet Explorer has to do with URL handling. Internet Explorer 7 features a redesigned URL handler, which protects the computer from possible URL parsing exploitations, such as URLs that attempt to run commands or URLs that perform suspect actions.

source- http://www.windowsvistasecrets.info/
 
New Post 8/14/2007 5:34 PM
User is offline Piyush Gupta
1834 posts
www.piyushworld.com
MW Addict


Re: Internet Explorer Security Zone Restrictions 

Thanx a lot parul for these security zones its a awsome guide for a newbie

Read Forum Guidelines before posting
 
New Post 8/14/2007 7:31 PM
User is offline Parul
356 posts
Advanced Member


Re: Internet Explorer Security Zone Restrictions 

my pleasure :)
 
New Post 8/14/2007 9:19 PM
User is offline Vishal Gupta
6001 posts
www.AskVG.com
Ultimate Member








Re: Internet Explorer Security Zone Restrictions 

Thats nice article. thnx for sharing it.

Microsoft Windows MVP

Tweaking with Vishal

How to Use Smiley Code in Forum?
Promote MeraWindows at Your Blog / Site
Read Forum Guidelines
 
New Post 8/20/2007 2:31 PM
User is offline Parul
356 posts
Advanced Member


Re: Internet Explorer Security Zone Restrictions 

thanx Vishal
 
 Page 1 of 212Next 
Previous Previous
 
Next Next
  Microsoft Windows Forums  Windows Applica...  Internet Explor...  Internet Explorer Security Zone Restrictions
   Get Your Own E-Mail Account @MeraWindows.com Minimize  
New Page 1 New Page 1
Show your cool quotient with @merawindows.com email account
     
  
 
 
Terms Of Use   Privacy Statement  
© 2008 MeraWindows.com