Default settings for various Internet Explorer 6 security zones
(Red background indicates settings found only in Windows XP SP2)
Category Setting Internet Trusted Restricted
.NET Framework-reliant components (Not present in all systems) Run components not signed with Authenticode Enable Enable Disable
Run components signed with Authenticode Enable Enable Disable
ActiveX Controls and Plug-ins Download signed
ActiveX controls
Prompt Enable Disable
Download unsigned
ActiveX controls
Disable Prompt Disable
Initialize and script
ActiveX controls not marked as safe
Disable Prompt Disable
Run ActiveX
controls and plug-ins
Enable Enable Disable
Script ActiveX controls
marked safe for scripting
Enable Enable Disable
Automatic prompting for ActiveX controls Disable Enable Disable
Binary and script behaviors Enable Enable Disable
Downloads File download Enable Enable Disable
Font download Enable Enable Disable
Automatic prompting for file downloads Disable Enable Disable
Microsoft VM (only older systems) Java permissions High safety Low safety Disable Java
Miscellaneous Access data sources across domains Disable Enable Disable
Allow META REFRESH Enable Enable Disable
Display mixed content Enable Enable Disable
Don’t prompt for client certificate selection when no certificates or only one certificate exists Disable Enable Disable
Drag and drop or copy and paste files Enable Enable Disable
Installation of desktop items Prompt Enable Disable
Launching programs and files in an IFRAME Prompt Enable Disable
Navigate sub-frames across different domains Disable Enable Disable
Software channel permissions Medium safety Low safety High safety
Submit nonencrypted form data Enable Enable Disable
Userdata persistence Enable Enable Disable
Allow scripting of Internet Explorer Webbrowser control Disable Enable Disable
Allow script-initiated windows without size or position constraints Disable Enable Disable
Allow Web pages to use restricted protocols for active content Prompt Prompt Disable
Open files based on content, not file extension Enable Enable Disable
Use Pop-up Blocker Enable Disable Enable
Web sites in less privileged web content zone can navigate into this zone Enable Prompt Disable
Scripting Active scripting Enable Enable Disable
Allow paste operations via script Enable Enable Disable
Scripting of Java applets Enable Enable Disable
User Authentication Logon Automatic logon only in Intranet zone Automatic logon with current username and password Prompt for user name and password