The Internet Explorer 7 Desktop Security Guide examines some of the new features and settings that can be modified to provide a more "locked down" security configuration.
Internet Explorer 7 Settings "32 Step" Checklist
- Zone Security
  - Enable Zone Elevation Protection
  - Do not allow users to add or delete sites from Security Zones
  - Do not allow users to change policies for Security Zones
- Certificate Security
  - Enable Prevent Ignoring Certificate Errors
- Active Content Security
  - Restrict ActiveX Install
  - Add ActiveX controls and plug-ins to pre-approved list
  - Disable Allow active scripting in response to specific threats
  - Enable Scripted Window Security Restrictions
- Reduce Application Privilege
  - Use Protected Mode on Windows Vista
  - Use DropMyRights on Windows XP
- Privacy Settings
  - Set the Privacy Slider at least to Medium
  - Empty Temporary Internet Files folder when the browser is closed
  - Set Form Autocomplete options to Disabled
  - Disable Password Caching
  - Configure Logon options for Each Security Zone
  - Enable the Phishing Filter
- Other Security Settings
  - Disable Automatic Install of Internet Explorer Components
  - Disable Periodic Check for Internet Explorer Software Updates
  - Disable Software Update Shell Notifications on Program Launch
  - Make proxy settings per machine (rather than per user)
  - Turn off Crash Protection
  - Disable page transitions
  - Restrict File Downloads
  - Disable Allow File Downloads for Restricted Zone
  - Enable Data Execution Prevention
  - Do not allow users to enable or disable add-ons
  - Ensure Consistent MIME Handling
  - Enable MIME Sniffing Safety Features
  - Display Information Bar
  - Enable MK Protocol Security Restriction
  - Enable Object Caching Protection
  - Block attachments that could contain a virus in Outlook Express