Here are the key configuration changes you can make to disable various features and reduce the attack surface in Microsoft's Internet Explorer. This guide provides a walk-through of IE 6.0 but applies to the latest IE 7.0 as well.
(This guidance was prepared and distributed by Will Dorman, vulnerability analyst at Carnegie Mellon Software Engineering Institute CERT Coordination Center.)
To get started, go to Tools > Internet Options. Please note that these options may vary slightly depending on your browser version.
Click on the Security tab, which shows the various IE security zones.
For each of these zones, you can select a Custom Level of protection. By clicking the Custom Level button, you will see a second window open that permits you to select various security settings for that zone.
The Internet zone is where all sites initially start out. The security settings for this zone apply to all the web sites that are not listed in the other security zones. We recommend the High security setting be applied for this zone.
By selecting the High security setting, several features including ActiveX, Active scripting, and Java will be disabled. With these features disabled, the browser will be more secure.
Click the Default Level button and then drag the slider control up to High.
You can click on the Custom Level button to get a more granular control over what features are allowed in the zone.
Here you can control the specific security options that apply to the current zone.
Default values for the High security setting can be selected by choosing High and clicking the Reset button to apply the changes.
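To confirm that the change took effect, the following added example (not part of the CERT guidance) audits the current user's Internet zone from PowerShell. It assumes the per-user zone registry key and the URL action codes that Microsoft documents for IE security zones (`1200`, `1400`, `1C00`, `CurrentLevel`); none of these identifiers appear in the walk-through itself, and the function name is hypothetical.

```powershell
# Added example: audit the Internet zone (zone 3) against the High template.
# Assumption: per-user zone settings live under this key (Microsoft-documented).
$zonePath = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'

# The three features the guide says High disables, with the data that means "off".
$expected = @(
    @{ Name = '1200'; Feature = 'Run ActiveX controls and plug-ins'; Want = 3 }  # 3 = Disable
    @{ Name = '1400'; Feature = 'Active scripting';                  Want = 3 }  # 3 = Disable
    @{ Name = '1C00'; Feature = 'Java permissions';                  Want = 0 }  # 0 = Disable Java
)

function Test-InternetZoneHigh {
    param([string]$Path = $zonePath)

    if (-not (Test-Path $Path)) {
        throw "Zone key not found: $Path"
    }
    $zone = Get-ItemProperty -Path $Path

    # CurrentLevel 0x12000 is the High template; 0 means Custom Level was used,
    # so the per-feature rows below are what matter in that case.
    $level = $zone.CurrentLevel
    [pscustomobject]@{
        Check  = 'Zone template (CurrentLevel)'
        Actual = if ($null -ne $level) { '0x{0:X}' -f $level } else { 'missing' }
        Pass   = ($level -eq 0x12000)
    }

    foreach ($e in $expected) {
        $actual = $zone.($e.Name)
        [pscustomobject]@{
            Check  = $e.Feature
            Actual = if ($null -ne $actual) { '0x{0:X}' -f $actual } else { 'missing' }
            # A missing value is a failure, not an implicit "disabled".
            Pass   = ($null -ne $actual -and $actual -eq $e.Want)
        }
    }
}

Test-InternetZoneHigh | Format-Table -AutoSize
```

Where zone settings are enforced through Group Policy, the effective values are read from the corresponding `Policies` key rather than this per-user key, so pass that path with `-Path` instead.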