about IE7 SECURITY.

Status
Not open for further replies.

anandk

Distinguished Member
is IE7 really more secure than IE6? yep ! most definately ! IE 7 resolves many security weaknesses, which microsoft never got around to patching in IE 6.

IE7 includes several security enhancements. this article list the imp security enhancements in ie7 viz.
Better zone control
ActiveX opt-in
Phishing filter
Protected Mode
click *itmanagement.earthweb.com/columns/executive_tech/article.php/3639566 for more on them.

Brain Livingston has some good tips on HOW u can HARDEN IE7 SECURITY.
some of these tips , may interfere will the operation of some legit websites. eg, disabling "active scripting" turns off javascript, which may be essential... :arrow: so use ur discretion.

open IE7 > Tools > Internet Options > Security tab > Internet zone;
the security level by default should be set to medium-high.
select the custom level button and set the following :

.NET Framework
Loose XAML: Disable
XAML browser applications: Disable
XPS documents: Disable

ActiveX controls and plug-ins
Binary and script behaviors: Disable
Run ActiveX controls and plug-ins: Disable
Script ActiveX controls marked safe for scripting: Disable

Downloads
Font download: Disable
Enable .NET Framework setup: Disable

Enable .NET Framework setup: Disable

Miscellaneous
Allow META REFRESH: Disable
Allow Web pages to use restricted protocols for active content: Disable
Display mixed content: Disable
Drag and drop or copy and paste files: Disable
Installation of desktop items: Disable
Launching applications and unsafe files: Disable
Launching programs and files in an IFRAME: Disable
Navigate sub-frames across different domains: Disable
Software channel permissions: Maximum Safety
Submit non-encrypted form data: Disable
Userdata persistence: Disable
Web sites in less privileged Web content zone can navigate into this zone: Disable

Scripting
Active scripting: Disable
Allow programmatic Clipboard access: Disable
Scripting of Java applets: Disable

u can also download a good pdf book from here :
10 things you should know about Internet Explorer 7 Security

*downloads.techrepublic.com.com/abstract.aspx?docid=266226&tag=nl.e064
 
OP
anandk

anandk

Distinguished Member
Secunia provides harmless test pages that can show you whether a particular browser is vulnerable to a known security threat. You should test every browser that you use.

Secunia's test for the MHTML hole is linked to from two separate pages that apply to IE 7 and IE 5/IE 6 and Outlook Express 5.5 and 6.

details about ie7 *secunia.com/advisories/22477/

for testing ur ie7 click *secunia.com/Internet_Explorer_Arbitrary_Content_Disclosure_Vulnerability_Test/

details about the ie6 issue *secunia.com/advisories/19738/
for ie6 testing there is another link given somewhere on that page.

ie users u may not like the results....:mad:


those using firefox, may find this more interesting :
Mozilla Firefox and SeaMonkey Multiple Vulnerabilities, this 'highly critical' secunia advisory issued a day or two back click *secunia.com/advisories/22722/
 
Status
Not open for further replies.
Top Bottom