IE security zones hack- cure

For anyone who takes their internet security seriously and makes good use of their IE security settings options, there's few things more frustrating than a malware attack than disables some of those settings.

A very good security precaution with IE is to go to tools>internet options> security

where you will see four 'zones' (internet, local..., trusted, restricted)

If you set the 'internet zone' to 'high', you disable Java, Javascript, ActiveX controls etc.

In doing so you effectively disable 99% of all possible malware/virus attacks, as they rely on these scripts to attack your system.

The downside is that this also disables many aspects of decent websites that use these scripts for 'legitimate' purposes (though I would argue that most sites using these scripts do so unnecessarily, and, by doing so, are themselves responsible for the current state of internet shoddiness; but this isn't the time for that particular rant).

So, for example, some aspects on 'Home of Poi' may not function. The solution is to click on 'Trusted Sites', then on the 'sites' box, cpoy and paste the HoP address into the box and click on 'add'.

This puts HoP into your trusted zone, whose security you can set to 'medium', thus enabling HoP to run the scripts it wants.

--------------------

However, a fairly common malware/virus attack can leave some of your settings greyed out. For example an attack can add its own sites to your trusted zones, enabling it to run malicious script on your system (the aim being to trash, hack, steal credit card numbers, broadcast lists of sites you visit for 'marketing' purposes etc, etc)

Knowing that you may know enough about security to realise what its done and simply delete the changes, it may prevent this by disabling the boxes that alter security settings.

There's few things more frustrating than being unable to alter your own PCs security settings, or even being unable to view the list of addresses in your 'trusted sites' zone.

It's also very difficult to find info on the net about how to sort this out.

-------------

A recent attack left me unable to access my 'trusted sites' settings; fortunately I've managed to sort it out and I'm going to pass it on for anyone else in the same position.

It involves changing the registry, which can be very risky if you don't know what you're doing.

I'm not going to go into great detail about how to change registry settings as, if you don't know already then you shouldn't really be attempting this- get someone who does know to assist.

(I'm running win 2000, these settings will not necessarily be the same on all systems)

From Start> run type 'regedit' then go to this key: -

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\zones

(highlight the folder and go to 'Registry'> 'export...' on the top bar to save a backup in case you make a mistake.

The relevant zone is 2, so go to that

Towards the bottom is-

flags REG_DWORD

the value was set to 0x00000000 (0)

ie 'zero'

this had disabled both the ability to change the security setting and the ability to view/modify the sites in the trusted zone

'Right Click'> 'modify' and altering the value to '3', renabled both these settings

--------------------

The page which enabled me to sort this out is here: -

http://support.microsoft.com/default.aspx?scid=kb;en-us;182569

and it has a lot of info about other registry settings that affect security zones.

-----------------

Lastly, whilst searching the web looking for a solution I stumbled across this: -

https://netfiles.uiuc.edu/ehowes/www/resource.htm#IESPYAD

a useful piece of software that, via the registry, will load the internet addresses of many thousands of sites known to be malicious, into your 'restricted sites' security zone. By setting this zones security to 'high' you thus prevent these sites from loading their trashware onto your system.

(Again, bear in mind that any registry alterations are at your own risk).

Very intresting to know, thanks for the info.

-Gecko

Just use Mozilla Firefox:

http://www.mozilla.org/products/firefox/

The more secure, advanced browser out there (and fast too) It doesn't have anywhere near the amount of bugs (even SP2) has.

It is, but I use both, as there are pages which aren't completely functional on Firefox, so I use the highest security option on Internet Explorer for those

i love firefox but im waiting for my motherboard to arrive back before i can use it again... im suprised I can post on HOP without one..

fair enough, but i always send an email to the webmaster of said sites telling them that it doesn't comply with web standards (http://www.w3c.org/) and go and find a site that does work! either way, Firefox saves you hacking the registry and helps the internet get away from bad websites.

...or just use safari on OS X - that way you'll never get anything bad of the internet (that you don't want anyway) but thats not an option for most people.

anyway, thanks to onewheeldave for telling people who have to use IE for whatever reasion

I have IE,
I have had a pooter for 4 months now and although I have learned alot I am still pretty ignorant. I have played about with the security zones and stuff without really understanding what I was doing, so I found Daves post both interesting and useful.
Thank you Dave.

Cheers Lillie Frog, Gecko and Toyer

It's well worth doing some research on security as the web is full of really nasty mal/spy/ad ware and viruses. Microsft have made no real attempt to address the problem other than releasing 'patches' for each new loophole that hackers discover.

Producers of websites that rely unnecessarily on java/java script/activeX etc, don't help; hopefully, as time passes, awareness that this junk is not only uneeded, but helps maintain the current dire security situation, will increase.

Here's a link to an interesting page on some of the tactics being used, that can result in malware being pushed onto your pc when visiting supposedly 'respectable' sites-

http://www.pcworld.com/news/article/0,aid,101916,00.asp

Users of Mozilla Firefox- does anyone fancy elaborating on why it's more secure- does it not accept java/javascript/activeX? If so what does it do with sites that use those things?

The reason I've stuck with IE is that, crap as it is in security terms, at least I do know how to set it up to be at it's most secure- I'm concerned that if I download Firefox it's going to be several weeks sussing it out, during which it could get hacked.

Here's a nice detailed page with some more registry hacks for your security settings, including creating your own custom zones and how to edit the 'my computer' zone.

http://blogs.msdn.com/ptorr/archive/2004/01/29/64215.aspx