Blocking Spyware In Internet ExplorerThere are several settings in Internet Explorer which will make it harder for malware to install itself on your computer. What we're primarily defending against here is the Drive-By Download, where web sites attempt to install "features" onto your computer without notifying you. The following steps will tell Internet Explorer to verify anything unusual. Open Internet Explorer, and pull down the Tools menu. Select Internet Options. When the window comes up, switch to the Security tab. Here we see a series of icons defining which "zone" of web sites we want to control. Select the Internet icon, and then the Custom Level button. Another window will pop up. Scroll down to the section "ActiveX Controls and Plugins." Make sure the following are set: 1. Download Signed ActiveX Controls (set to Prompt). This category is for sites that bought a Certificate, which implies their programs are always good-which isn't a safe assumption. Set to "Prompt" so that you have veto control. 2. Download Unsigned ActiveX Controls (set to Disable). If they don't even have a certificate, it's very likely we don't want it on our system. 3. Initialize ActiveX controls not marked as safe (set to Disable) 4. Run ActiveX Controls and Plug-ins (set to Prompt) We don't want to completely eliminate ActiveX controls, but we do want a say in which get to run. 5. Script ActiveX controls marked safe for scripting (set to Prompt). Note that we could set these settings to their highest level, allowing nothing to run-which would almost certainly block any attempt at drive-by downloads. Unfortunately, doing that would likely also prevent such useful items as Flash and Shockwave from running. So, we'll aim for a mid-range security level instead. If you have no need of Flash, please, feel free to set the controls at the most secure. And finally, none of these settings will block spyware that's bundled with another program. These settings are for stopping drive-by downloads. |