Internet Explorer Security Settings
Recommended by Fred Langa on his site langa.com
I am not recommending these settings for everyone, but they work for me. Feel free to use them as a starting point to develop the settings that fit your specific needs and situation. Again, these are all accessible via Tools/Internet Options/Security and then selecting "Custom Level."
ActiveX controls and plug-ins
Automatic prompting for ActiveX controls
Disable
Binary and script behaviors
Enable
Download signed ActiveX controls
Prompt
Download unsigned ActiveX controls
Disable
Initialize and script ActiveX controls not marked as safe
Disable
Run ActiveX controls and plug-ins
Enable
Script ActiveX controls marked safe for scripting
Enable
Downloads
Automatic prompting for file downloads
Disable
File download
Enable
Font download
Prompt
Miscellaneous
Access data sources across domains
Disable
Allow META REFRESH
Enable
Allow scripting of Internet Explorer Webbrowser control
Disable
Allow script-initiated windows without size or position constraints
Disable
Allow Web pages to use restricted protocols for active content
Prompt
Display mixed content
Prompt
Don't prompt for client certificate selection when no certificates or only one certificate exists
Disable
Drag and drop or copy and paste files
Enable
Installation of desktop items
Prompt
Launching programs and files in an IFRAME
Prompt
Navigate sub-frames across different domains
Prompt
Open files based on content, not file extension
Enable
Software channel permissions
High safety
Submit nonencrypted form data
Prompt
Use Pop-up Blocker
Enable
Userdata persistence
Enable
Web sites in less privileged web content zone can navigate into this zone
enable
Scripting
Active scripting
Enable
Allow paste operations via script
Prompt
Scripting of Java applets
Enable
User Authentication
Logon
Automatic logon only in Intranet zoneĀ