IEZoneAnalyzer update: v3.5.0.5

I just posted a minor update to IEZoneAnalyzer.  Version 3.5.0.5 fixes an issue in which IE10 was reported as version “9.10.9200.16614”; it now reports a 10.* version number.  (*) Version 3.5.0.5 also adds text corresponding to new IE security zone settings, adds back in a set of sample files that capture default settings on various…


Correction posted for IE Explicit Security Zone Mappings and IEZoneAnalyzer's Zone Map Viewer

I received some questions and comments about Internet Explorer’s Explicit Security Zone Mappings and about the latest version of IEZoneAnalyzer containing the Zone Map Viewer.  I hadn’t had time to dig into the questions so they lingered, but I finally carved some time to post answers to those questions in the Comments sections of those…


Enabling “Initialize and script ActiveX controls not marked as safe” in ANY zone can get you hurt, bad.

This post is about a security setting that is often underestimated in its ability to enable serious harm when relaxed.  Microsoft’s security guidance, the US Government Configuration Baseline (USGCB) and other security guidance currently mandate only that it be locked down in the Internet and Restricted Sites zones, which are of course the highest risk…


Alert: Java’s Forward-Compatibility Promise Has Been Revised

Java’s Forward-Compatibility Promise: Writing forward-compatible software is really hard. You carefully write your programs strictly according to the current specifications for your target platform, and it works perfectly well on that platform. But eventually that platform and its specifications will be updated. It will effectively become a different platform, and you really have no way…


IEZoneAnalyzer v3.5 with Zone Map Viewer

IEZoneAnalyzer is a utility for viewing and comparing Internet Explorer security zone settings – that is, the configuration settings that grant web sites in the Intranet zone more capabilities in the browser than web sites in the Internet zone.  Earlier today, I wrote about the surprisingly complex rules that determine whether and when explicit mappings…


Internet Explorer’s Explicit Security Zone Mappings

[Updated 15 May 2012 to correct a bug involving precedence of Computer policies over User policies.] I recently worked with some customers who wanted to enumerate which web sites had been assigned to which Internet Explorer security zones.  I.e., they wanted to know which web sites had been assigned to the Intranet zone, which to…


IEZoneAnalyzer v3

Announcing a major update to the IE security zone analyzer! IEZoneAnalyzer is a utility for viewing and comparing Internet Explorer security zone settings. It is particularly valuable on systems controlled through Group Policy, on which the standard security settings dialog does not allow viewing of settings. IEZoneAnalyzer version 3 represents a total rewrite, adding a…


Web Application Test Plan

This blog post describes how to perform basic web application testing to identify and fix compatibility issues. These procedures are designed for non-experts and do not require deep expertise in web application development. The target platform is assumed to be Internet Explorer 8 running on Windows 7 with standard user rights. Some of the issues covered below…


Viewing and Comparing IE Security Zone Settings - enhanced

I’ve enhanced the IE security zone comparison utility that I posted here a few weeks ago.  The new version shows the effective settings for a selected zone, based on the precedence rules for User and Computer policies and preferences (as described here) and whether only Machine settings are used.  Pick an IE security zone (such as Intranet),…
