XPS is a new standard image format adopted by Microsoft in Windows Vista OS. Hackers can take advantage of vulnerabilities in documents / images in XPS format to analyze and attack users. Therefore, the less the OS supports document formatting, the safer the computer. While this may have a slight impact on XPS viewing, you can view this format document with tools other than IE.
How to do :
Open IE: Tools -> Internet Options -> tab Security -> Internet zone -> Custom Level -> XPS documents: Disable .
2. Disable download font
Sometimes surfing the web, it is possible that web pages containing international characters require you to install a new font to view the content of the page, of course, this is also a 'potential danger'! If you don't normally browse the web outside of your official language, remove this functionality.
How to do :
Tools -> Internet Options -> tab Security -> Internet zone -> Custom Level -> Font download: Disable .
3. Disable the root directory path when uploading files
When we upload a file to a web server (for example, uploading a photo to a blog .), the browser will have the option to send the file name or root path of the file, even if the website only needs the file name. The link to the file upload folder will provide identification information on your computer, for example ' C: UsersnguyenkhoaPicturesblog.gif ' will 'reveal' your computer login account 'nguyenkhoa' .
How to do :
Tools -> Internet Options -> tab Security -> Internet zone -> Custom Level -> Include local directory file path when uploading files to a server: Disable .
4. Disable confirmation message if you are inclined to select 'Yes'
The default security mode on the Security tab is ' Prompt ' - a confirmation message will appear every time you perform certain tasks. If you are inclined to the 'Yes' option, ie agree with most of these tasks, you can simply delete the notification by changing the default 'Prompt' to 'Disable'.
How to do :
Tools -> Internet Options -> tab Security -> Internet zone -> Custom Level .
5. Always warn about login / password accounts
For users of both home and business computers, the auto-logon function is quite useful and saves time, but if someone uses your computer accidentally or intentionally Also, your login information may leak .
How to do :
Tools -> Internet Options -> tab Security -> Internet zone -> Custom Level -> User Authentication -> Logon: Prompt for username and password .
6. Disable SSL 2.0 support
SSL2 (Secure Socket Layer - a secure communication protocol on the Internet) has long been said to be unsafe, not suitable for financial-related jobs . Websites worldwide if supported only SSL2 support (which is not SSL3, TLS), most of them will either tend to be exploited, or 'backward' to the point that they can become a 'threat' to web surfers when accessing.
How to do :
Tools -> Internet Options -> Advanced tab -> Use SSL 2.0: uncheck the check box.
7. Enable TLS support
TLS (Transport Layer Security) is an improved and more advanced step than the SSL protocol mentioned above, it even enhances security over SSL3.
How to do :
Tools -> Internet Options -> Advanced tab -> Use TLS 1.0: check .
8. Disable the search feature from the address bar
In IE, math errors, printing errors and many other errors . are cut (cut) - pasted into the address bar and automatically sent to search engines, so sometimes you can be exposed. Personal information if using this feature.
How to do :
Tools -> Internet Options -> Advanced tab -> Search from the address bar: Do not search from the address bar .
9. Remove unnecessary add-ons
Sometimes, the integration of many add-ons into IE is not really necessary, even counterproductive when some of these add-ons make security mistakes and are easily exploited by hackers. So check the add-on library in IE and keep only those add-ons that are useful and you trust.
How to do :
Tools -> Internet Options -> tab Programs -> Manage Add-ons
10. Remove old Java versions
There are many reasons, but perfecting new Java versions is better than upgrading from the old version to the new version. According to the explanation of senior security expert Jeff Forristal at Zscaler, hackers can still take advantage of the "flaws" in older Java versions to exploit and attack, and for newer versions - fixed. That 'defect' - can make web surfers safer.