
10 things you should know about Internet Explorer 7 Security

Internet Explorer 7 is designed to make browsing safer. Here's a quick rundown of some of the new security features, including ActiveX opt-in, the Phishing Filter, cross-domain security, enhanced privacy protection, and an international character alert.

This article is available as a PDF download. It's also part of the collection "100 things you should know about Windows Vista."

Some sensationalistic reports of a security flaw immediately followed Internet Explorer 7's final release, but the vulnerability turned out to be in Outlook Express rather than IE. In fact, Microsoft has put a great deal of effort into making IE 7 more secure. Here are some of the new IE 7 security features and what they can do for you.

#1: Default protection from potentially dangerous ActiveX controls

ActiveX controls that haven't been checked out and verified as safe no longer run automatically by default; instead they're automatically disabled by the ActiveX opt-in feature.

#2: Per-zone control of ActiveX opt-in

You can disable ActiveX opt-in on a per-zone basis. It's enabled by default on the Internet and Restricted Sites zones for better security and disabled on the Intranet and Trusted Sites zones.

#3: Site and zone locking for ActiveX controls

Developers can now make their ActiveX controls more secure by restricting a control to run only on a particular site (site locking) or only in a specific security zone (zone locking).

#4: Protection against phishing

IE 7 introduces the Phishing Filter, which helps protect users from being fooled into entering personal information or passwords that can be collected and used for identity theft. The Phishing Filter automatically checks the Web sites you visit against a list of known phishing sites and issues a warning if the site has been identified as a phishing site. If you prefer not to have sites checked automatically, you can check specific sites when you suspect they might be phishing sites.

#5: Cross-domain security

An attack tactic called cross-domain scripting is prevented by new IE 7 security mechanisms that force scripts to run in their original security context even if they're redirected to a different security domain.

#6: Locked down security zones

Security zones in IE 7 are locked down tighter than before, with higher default security settings, disabling of the Intranet zone on non-domain computers, and an interface that makes it harder to select low or medium low security.

#7: Better SSL/TLS notification and digital certificate info

Users of IE 7 can more easily determine whether a Web site is secured by SSL/TLS and get information on the digital certificates issued to the site. Sites with high assurance certificates cause the address bar to turn green.

#8: Privacy protection features

Three new registry keys, called Feature Control keys, prevent HTML from getting a user's personal information. In addition, you can easily clear out information you've entered in Web pages, as well as the browser cache (Temporary Internet Files), history, cookies and other personal info, with a single click.

#9: Address bars

All browser windows in IE 7 contain address bars, so it's harder for a malicious site to conceal its identity by hiding the URL of the site.

#10: International character alert

IE 7 supports international characters, but to prevent spoofing that exploits the similarity of characters in different languages, the browser warns you that the characters are in another language when international character sets are used.
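
The look-alike character risk described in #10, shown as an added example that is not from the original article and is not IE 7's actual algorithm: a simplified Python heuristic that decodes each hostname label and flags labels that mix scripts or use a script outside an assumed set the user reads. The function names, the `expected` parameter, and the sample hostnames are constructed for illustration.

```python
import unicodedata

def script_of(ch):
    """Approximate a character's script by the first word of its Unicode name."""
    if ch.isascii():
        return "LATIN" if ch.isalpha() else None   # digits, hyphen: script-neutral
    try:
        return unicodedata.name(ch).split()[0]     # "CYRILLIC", "GREEK", "LATIN", ...
    except ValueError:                             # unnamed code point
        return "UNKNOWN"

def decode_label(label):
    """Return the Unicode form of one DNS label, decoding the xn-- (Punycode) form."""
    if label.lower().startswith("xn--"):
        try:
            return label[4:].encode("ascii").decode("punycode")
        except UnicodeError:
            return label                           # malformed: inspect as written
    return label

def idn_alerts(hostname, expected=frozenset({"LATIN"})):
    """List (label, reason, scripts) for every label that warrants a warning.

    `expected` is the assumed set of scripts the user reads.
    """
    alerts = []
    for raw in hostname.rstrip(".").split("."):
        scripts = {s for s in map(script_of, decode_label(raw)) if s}
        if len(scripts) > 1:
            alerts.append((raw, "mixed-script", sorted(scripts)))
        elif scripts - expected:
            alerts.append((raw, "unexpected-script", sorted(scripts)))
    return alerts

def to_ace(label):
    """Build the xn-- form of a Unicode label (used only to construct samples)."""
    return "xn--" + label.encode("punycode").decode("ascii")

if __name__ == "__main__":
    # Constructed sample hostnames; U+0430 is CYRILLIC SMALL LETTER A.
    samples = [
        "www.example.com",
        to_ace("ex\u0430mple") + ".test",                         # Latin + Cyrillic
        to_ace("\u043f\u0440\u0438\u043c\u0435\u0440") + ".test",  # all Cyrillic
    ]
    for host in samples:
        print(host, "->", idn_alerts(host) or "no alert")
```

The script lookup is an approximation based on Unicode character names; it does not cover look-alike characters within a single script.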


Debra Littlejohn Shinder, MCSE, MVP is a technology consultant, trainer, and writer who has authored a number of books on computer operating systems, networking, and security. Deb is a tech editor, developmental editor, and contributor to over 20 add...
