The Advanced tab
contains settings that apply to all of the security zones. We recommend that
you disable the Enable third-party browser extensions option.
This option includes toolbars and Browser Helper Objects (BHOs). While some
add-ons can be useful, they also have the ability to violate your privacy. For
example, a browser add-on may monitor your web browsing habits, or even change
the contents of web pages in an attempt to gather personal information.
Browsing Author: Chris Brook
The Advanced tab
Alternatively, if you do not wish to
receive warning dialogs when a site attempts to set a cookie, you can use Internet
Explorer’s pre-set privacy rules. Click the Default button and
then drag the slider up to High. Note that some web sites may fail
to function properly with the High setting. In such cases, you
may add the site to the list of sites for which cookies are allowed, as
By selecting the Sites… button,
you can manage the cookie settings for specific sites. You can add or remove
sites, and you can change the current settings for existing sites. The bottom
section of this window will specify the domain of the site and the action to
take when that site wants to place a cookie on your machine. You can use the
upper section of this window to change these settings.
You can then evaluate the
originating site, whether you wish to accept or deny the cookie, and what
action to take (allow or block, with the option to remember the decision for
all future cookies from that web site). For example, if visiting a web site
causes a cookie prompt from a web domain that is associated with advertising,
you may wish to click Block Cookie to prevent that domain from
being able to set cookies on your computer, for privacy reasons.
US-CERT recommends that you select
the Advanced button and select Override automatic
cookie handling. Then select Prompt for both first and
third-party cookies. This will prompt you each time a site tries to place a
cookie on your machine. If the number of cookie prompts is too excessive, the
option to Always allow session cookies can be enabled.
The Privacy tab
contains settings for cookies. Cookies are text files placed on your computer
by various sites that you visit either directly (first-party) or indirectly
(third-party) through ad banners, for example. A cookie can contain any data
that a site wishes to store. It is often used to track your computer as you
move through a web site and store information such as preferences or
Keep in mind that when the Internet
Zone is set to High, you may encounter web sites that do not
function properly due to one or more of the associated security settings. This
is where the Trusted sites zone can help. If you trust that
the site will not contain malicious content, you can add it to the list of
sites in the Trusted sites zone. Once a site is added to this zone, features
such as ActiveX and Active scripting will be enabled for the site.
The Trusted sites zone
is a security zone for
sites that you think are safe to visit. You believe that the site is designed
with security in mind and that it can be trusted not to contain malicious
content. To add or remove sites from this zone, you can click the Sites button.
This will open a secondary window listing the sites that you trust and
permitting you to add or remove them.
For a more fine-grained control over
what features are allowed in the zone, click the Custom Level button.
At this point, you can control the specific security options that apply
to the current zone. For example ActiveX can be disabled by selecting Disable for Run
ActiveX controls and plug-ins.
Default values for the High security
setting can be selected by choosing High and clicking
the Reset button to apply the changes.
Select the Security tab.
This provides a list of the various security zones that Internet Explorer uses.
For each of these zones, you can select a Custom Level of protection. By
clicking the Custom Level button, you will see a second window
open that permits you to select various security settings for that zone.
The Internet zone is where all sites initially start out. The
security settings for this zone apply to all the web sites that are not listed
in the other security zones.