My recent article on tweaking IE 7 and using Security Zones has prompted several reader questions whose answers are worth posting here. So today there will not be my usual Tip of the day, but instead there will be several Q's and their A's. If for some reason you missed the original article and would like to get up to speed, click here.
Q. Can't add a site to Trusted Zone, Why are my options "greyed out"?
A. The person who sent me this question did not specify if they were experiencing this at home, or at work, which can have different causes. If you are on your personal machine at home, the most likely cause for having any Settings or Options choices greyed out (unavailable) is that you are running in User mode. You need to be running as an Administrator to make changes to Windows' behavior. Log out of your current session by clicking on Start >Log Off and switch to a user account with administrator privilege. Now your menu choices will not be grayed out and you can make your changes. When you're finished, log off and return to your normal user account.
If you're at work and using the company's machine, it is likely that there are policies in place that prevent employees from making these kinds of changes. If you have a legitimate change (that will "help improve your productivity") that you'd like to have made, submit a request to your IT department.
**Also, some types of malware will modify your Trusted Sites zone (adding poisoned, or junk sites such as a bogus lottery) and then change a setting in your Registry which blocks -- greys outs -- your ability to go in and remove them. Use anti-spyware programs to scan your machine and remove the infection. In this case, I would start with the Microsoft Malicious Software Removal Tool.
Q. How do I remove a site from a Zone?
A. You can remove a site from any Zone by navigating to the Security tab of Internet Options as shown in the prior article, click on the zone you want to edit, and then click on the site you want to remove, as shown below. 
Now click on the "Remove" button.
Actually, the fella who sent me this question was referring specifically to the Restricted Sites zone. He either really doesn't trust Microsoft, or is trying purposely to load his machine with malware...either way, I would think twice before removing sites from the Restricted Sites zone!
Q. What should I do with these security warnings?
A. IE displays several types of warnings -- suspected phishing, ActiveX, prevented download, open site in your Trusted Zone, et al -- and so the answer depends on which warning you are getting...and what you're doing when you get them.
If you are being warned that the site you're looking at is a "suspected" Phishing site, then by all means do NOT enter any personal information! As these sites often also try to install trojan horses and malware downloaders, close down your browser and run a full antispyware sweep. Not all "suspected" sites are truly Phishing sites, sometimes mistakes happen, but in this day and age, it's better to err on the side of caution.
ActiveX is a tool (a bit like Java) that usually is used for good purposes, more often than not actually (Microsoft Update uses ActiveX, and that's something you definately want enabled), but in keeping with the thought expressed immediately above, you should decide on a case-by-case basis. If you can see and do everything you want to on a site without installing the ActiveX control, why install it?
Preventing unwanted downloads is a very good thing, so I strongly advice you: do not turn this warning feature off. Just click on the yellow bar and select "download this software" when you are downloading code. In fact, I believe this advice can be applied to all of IE's warnings. We are living in a world where the Internet is relatively unpoliced, and so while it is irritating, it is safer (and wiser) to live with these warnings that to have our identity stolen and used to commit crimes, or have our PCs turned into a spambot.
Today's free link: if you suspect a site is fraudulent and/or being used to "phish" for your personal information, and IE hasn't flagged it as such -- but you're suspicious anyway -- download McAfee's free Site Advisor. This IE "plug in" will give you a valuable 'second opinion'...and is updated more often than IE is.
Copyright 2007-8 © Tech Paul. All rights reserved.
post to jaanix
No comments:
Post a Comment