Table of Contents

Using security zones
Adding and Removing sites from a zone
Creating a Custom Security Zone
Configuring Security Settings
Global Security Settings
Using Content Advisor
Managing ActiveX Controls
Managing Java Applets
Managing Scripts

Within this document I am talking about changing the contents of the Registry. Always be sure to make a backup before changing. You can do this in the Registry Editor by clicking File, Export and following the prompts.


The components that make up Internet Explorer are tightly integrated into the Windows environment, so making changes to them affects many other programs including Outlook (Express) and Windows Media Player. Be aware of the changes you make!
Even if you mistype an address you might fall into the hands of someone who has bad intentions. A simple example is the well known search engine of Google. If you mistype this as Goggle, you'll end up at a site for SpyBouncer...|

Every day, new security holes are found in Internet Explorer, so you should always keep Internet Explorer up-to-date, even if you use another browser like Opera or Firefox. By not updating you might leave holes to be used in other programs.

Another cause for trouble is active content. ActiveX controls and Java applets can bring the net to life, but they also introduce possible risks in that they will have programming errors that can be used maliciously.


Security zones are the first line of defense in Internet Explorer. There are four zones in a normal installation of Windows.

Local Intranet - all sites behind the firewall. For home users this would mean the other computers in your household. These sites are usually given a high level of trust.

Trusted sites - sites you have given your trust. These are given the highest trust, and is empty after you installed Windows.

Restricted sites - sites you distrust. This zone is empty after the Windows installation as well.

Internet - the rest...

There is a fifth zone in the form of My Computer, but this is normally not configurable. ActiveX controls that were installed on the computer by Windows run in this zone. The controls you download do not! Also URLs that reference files on your computer run in My Computer (files you save from the Internet continue to run in the security zone attached to that site though).

What does all this mean? If you install a program such as Adobe Acrobat, you download the installer from the Internet. When you run that file, it will run in the Internet Zone (provided you didn't put Adobe in the Restricted or Trusted Zone!). Once the program has been installed, when you start Acrobat it will run in My Computer. If Adobe also installed a file that will be opened by Internet Explorer, for example ReadMe.html, this will also run in My Computer.