Configuring Internet Explorer Securely
Now that you have a clear understanding of the types of malware in existence and the steps Microsoft has taken to prevent you from being exploited, lets discuss how to configure and use these tools and settings. With Internet Explorer 7, there are many ways to improve security. Internet Explorer 7 in Windows Vista represents a major step forward in browser security and privacy protection. All of Internet Explorer 7s security features revolve around making your computer and Web browsing experience all that it canand shouldbe.
Internet Explorer 7 has a new mode, called Protected Mode. When in Protected Mode, the browser will run without fear of malware taking over with elevated privileges. In addition to providing a more secure architecture in which to work, Protected Mode also assists with handling and verifying any scripted or automated action that would move data around the system, such as from the Temporary Internet Files folder, a haven for malware. Figure 2.1 shows the browser with Protected Mode enabled (or on) by default.
This article is excerpted from Vista for IT Security Professionals. To order this book, please visit Syngress.
Internet Explorer 7 allows for tighter control and security when working with ActiveX components. Many attacks have exploited ActiveX in the past. ActiveX components can handle file download and installation for the computer user. Although this is handy, malware takes full advantage of it whenever it can. ActiveX runs only on Microsoft-based systems, as it is made and updated by Microsoft in a proprietary fashion.
A new feature called ActiveX Opt-In will disable all ActiveX controls that havent been prescreened. In other words, if an ISV does not preset the control to work with Vista and Internet Explorer 7, it will not work. In fact, the security status information bar in Internet Explorer 7 will give you the option to work with each ActiveX control on a case-by-case basis. This allows the user to know exactly what each control is doing, whats being installed, and so on.
ActiveX is a software technology developed by Microsoft that enables Internet Explorer to download applets and other tools and programs to be used with the browser to display pictures and video as examples. These programs are similar to Java applets, although Java is not constrained to using Microsoft-based products only.