Configure Internet Explorer 7's new security features
Written by IT News on 8:13 PMIf your computer already installed vista, probably you will need this following tips on configuring the lates Internet Explorer.
When you install Windows Vista, not only are you getting Microsoft's latest desktop operating system, but you are also getting the latest version of their Web browser. Internet Explorer 7 includes several new security features Active X opt-in to the Pop-up Blocker.
Protected Mode and Parental Controls
The version of Internet Explorer 7 that ships with Windows Vista includes two additional security features: Protected Mode and Parental Controls. This feature prevents malicious users from changing any files or settings without your explicit permission. It is enabled by default for all security zones, except the Trusted Site zone. You can enable or disable Protected Mode from the Security tab within the Internet Options window.
Blocking unacceptable content with Parental Controls
Businesses can use the Parental Controls feature to prevent against unacceptable Web usage. Parental Controls can be configured on the Content tab within the Internet Options window. It is also accessible through the Windows Vista Control Panel.
Enabling and disabling the Active X opt-in
Internet Explorer 7 introduces the Active X opt-in. Previous versions of the Web browser did little to protect against harmful Active X controls. With Active X opt-in, Active X controls that are installed on your computer are disabled. If a Web site needs to run one of the disabled controls, you can choose whether to allow the control to run or not. You can also disable Active X opt-in on a per-zone basis. By default, it is enabled on the Internet zone and the Restricted Sites zone. To disable this feature, open the Internet Options window and select the Security tab. Click the appropriate zone and click the Custom level button.
Enable and disable the Phishing filter
IE 7 protects against phishing scams through the Phishing Filter. It is designed to protect you from phony Web sites that attempt to gather personal information about you when you are online. The tool requires little to no configuration. Once it is enabled through the Internet Options window, it will run in the background without your intervention. To enable or disable the phishing filter: 1. Within Internet Explorer, click Internet Options from the Tools menu. 2. Click the Advanced tab. 3. Under the phishing filter, select the appropriate option. 4. Click OK.
Clearing your browsing history
Internet Explorer 7 makes it easier to delete your browsing history. You no longer have to navigate to different locations on your computer to delete your history, cookies, temporary Internet files and so on. Instead, you can delete your entire browsing history from a single location by clicking a single button. This includes deleting: Temporary Internet Files Cookies History Form data Passwords To access the 'Delete Browsing History' window: 1. Open your browser. 2. From the Tools menu, click Delete Browsing History. 3. Click the appropriate button or click Delete all. 4. Click OK.
Secure Sockets Layer (SSL) and Transport Layer Security (TLS) in IE 6
HTTPS uses either Secure Sockets Layer (SSL) or Transport Layer Security (TLS) to protect data. Recall that the previous version of Internet Explorer (IE 6) used SSL 2.0 when connecting to secure servers. As you can see from the graphic (IE 6) , SSL 1.0 and SSL 2.0 are enabled by default in IE 6 and TLS 1.0 is disabled. This is no longer the case in Internet Explorer 7.
Enabling and disabling SSL 2.0
IE 7 no longer uses SSL 2.0 for websites that require HTTPS encryption and it is now disabled by default. Instead, IE 7 uses SSL 3.0 and TLS 1.0 because they are more secure. Note: If an error is displayed when accessing a website that uses SSL 2.0, you can enable it on the Advanced tab within the Internet Options window.
Displaying mixed content on pages that mix HTTPS and HTTP
Another security change that you will notice is that Internet Explorer will prompt you to display mixed content when you access a Web page that mixes HTTPS and HTTP. The default value for this setting is Prompt. If you select Disable, IE will only display secure content. Although not recommended, you can select Enable which will force IE to display all HTTP content without prompting you. To change the behavior for displaying mixed content: 1. Open Internet Explorer. 2. From the top menu, click Tools then Internet Options. 3.Click the Security tab. 4. Click the Custom Level button. 5. Scroll down to the Miscellaneous section. 6. Change the value for the Display mixed content option. 7. Click OK.
Pad lock indicates HTTPS Web page
It is now easier to tell when you access an HTTPS Web page. The previous version of Internet Explorer displayed an icon at the bottom of the window and it often went unnoticed by users. Now, when you access an HTTPS Web page, a pad lock is displayed to the right of the address bar, making it more visible.
Viewing digital certificate information
Not only does the pad lock let you know when you're accessing HTTPS Web sites, but you can also click the pad lock to view a report. The report will provide you with information about the digital certificate used to encrypt the connection such as who issued it.
Pop-up Blocker
Earlier versions of Internet Explorer allowed pop-ups to open in new windows. IE 7 includes the Pop-up Blocker that prevents unwanted pop-ups from appearing while still allowing pop-ups from certain sites. The Pop-up Blocker is enabled by default. It can be disabled from the Tools menu within Internet Explorer, although this is not recommended.
Customizing Pop-up Blocker
The Pop-up Blocker can be customized by selecting the Pop-up Blocker Settings option. You can allow pop-ups from specific web sites by adding the URL to the list of Allowed sites. At the bottom of the Pop-up Blocker Settings window, you can change the filter level. The filter level will determine what pop-ups are blocked. The default value is Medium: Block most automatic pop-ups.
Internet security zones
The security zones in Internet Explorer 7 have been changed to make the browser more resistant to attacks. The browser still includes the four security zones: Internet, Intranet, Trusted Sites and Restricted sites, but you will see some subtle changes. The default level for the Trusted Sites zone is now set to Medium. In IE 6, it was set to Low.
Intranet zone disabled by default
To prevent against zone-spoofing attacks, the Intranet zone is now disabled if IE 7 determines that the computer is not connected to a domain. All sites are then treated as one in the more secure Internet zone. Note: In a zone-spoofing attack, attackers can fool the web browser into thinking that it is a trusted site.
Security alert
Internet Explorer 7 will alert you when your browser's security settings may be putting you at risk by presenting an Information Bar. You can quickly and easily reset the security settings by clicking the Information Bar and selecting the Fix Settings for Me.
Fix Security Settings option
When you select the Fix Settings for Me option from the Information Bar, a prompt will appear asking you if you want to fix your settings. Click the Fix Settings button to restore your Internet Explorer security settings to their defaults.
Internet Explorer (No Add-ons Mode)
If you are experiencing odd behavior with your browser, such as hanging or crashing, it could be due to an add-on. The best way to determine if an add-on is the culprit, is to start Internet Explorer with no add-ons. To start IE 7 in 'No Add-ons Mode': click Start, All Programs, Accessories, System Tools and click Internet Explorer (No add-ons). When started in this mode, only the critical system add-ons are enabled.
0 comments: Responses to “ Configure Internet Explorer 7's new security features ”