Browser Security News

For most computer users and administrators, securing Internet Explorer means deploying the latest security patches and tightening their Internet Properties. While they definitely improve security, they all overlook the significant amount of control Group Policy gives you over IE. Besides being a great security enhancement, it is also a time saver for administrators who need to deploy IE security settings across the entire domain.

In order to secure Internet Explorer, we need to restrict some of its functionality. The types of functionality that should be restricted include anything that gives the ability to execute remote code. This includes anything from plug-ins, scripts and so on.

Restricting IE functionality is possible using Group Policy (GPO). Group Policy gives system administrators a fair amount of control over Internet Explorer, particularly under Windows XP Service Pack 2. If your domain server runs anything but Windows 2003 server, we strongly recommend managing domain policies using a Windows XP SP2 client. You can start Group Policy from the command line with the command gpedit.msc. IE Security Tweaks with GPO - IT Observer