Known Internet Explorer Security Feature Issues
Applies To: Windows 7, Windows Vista
The enhanced security settings introduced in Windows® Internet Explorer® 7 might create compatibility issues for some Web sites and applications. This section provides an overview of the specific security features that the Internet Explorer Compatibility Test tool can test for and identify, as well as the recommended ways to address any issues.
You can address the issues identified by the Internet Explorer Compatibility Test tool and still receive the enhanced security benefits of deploying a new version of the Windows® operating system, by using one of the following two approaches:
Fixing the Web site or the Web application
Deploying a workaround
Fixing the Web Site or Web Application
Fixing the Web site or Web application by changing the code itself is typically the recommended way to address a compatibility issue uncovered by the Internet Explorer Compatibility Test tool. Although this approach may involve higher initial costs or additional development time to deploy, this kind of fix has the advantage of permanently solving the problem, and it results in no long-term maintenance or ongoing operational costs. After you change the code to eliminate the issue, all of your users will be able to access the site without experiencing an issue. However, if you do not have access to the code or if your time and resources do not permit taking advantage of this approach, an alternative fix is to deploy a workaround.
Deploying a Workaround
A workaround is a fix that involves applying alternative registry settings to address a compatibility issue. Although deploying a workaround may seem quicker and easier than rewriting the code, this approach does involve some long-term maintenance requirements. For example, you must ensure that all new users have the correct set of features disabled on their workstations or they will experience issues with the Web site or Web application. A workaround is also a less preferable approach because it may result in a reduction in security for that particular issue. However, a workaround may still be more preferable than going without the overall security enhancement that you receive by deploying Windows Vista®. You may want to think about changing registry settings as a good short-term solution while the long-term solution of changing the code is still in development.
In This Section
| Topic Name | Description |
|---|---|
Includes detailed information about the MIME Handling Restrictions event, including a description of the event, how the event is logged, and any remediation or security risks. |
|
Includes detailed information about the Windows Restrictions event, including a description of the event, how the event is logged, and any remediation or security risks. |
|
Includes detailed information about the Zone Elevation Restrictions event, including a description of the event, how the event is logged, and any remediation or security risks. |
|
Includes detailed information about the Binary Behaviors Restrictions event, including a description of the event, how the event is logged, and any remediation or security risks. |
|
Includes detailed information about the Object Caching Protection event, including a description of the event, how the event is logged, and any remediation or security risks. |
|
Includes detailed information about the ActiveX Blocking event, including a description of the event, how the event is logged, and any remediation or security risks. |
|
Includes detailed information about the Pop-Up Blocking event, including a description of the event, how the event is logged, and any remediation or security risks. |
|
Includes detailed information about the Automatic Download Blocking event, including a description of the event, how the event is logged, and any remediation or security risks. |
|
Includes detailed information about the Local Machine Zone Lockdown (LMZL) event, including a description of the event, how the event is logged, and any remediation or security risks. |
|
Includes detailed information about the Centralized URL Parsing event, including a description of the event, how the event is logged, and any remediation or security risks. |
|
Includes detailed information about the Internationalized Domain Names (IDN) Support event, including a description of the event, how the event is logged, and any remediation or security risks. |
|
Includes detailed information about the Secure Sockets Layer (SSL) event, including a description of the event, how the event is logged, and any remediation or security risks. |
|
Includes detailed information about the Cross-Domain Barrier and Script URL Mitigation event, including a description of the event, how the event is logged, and any remediation or security risks. |
|
Includes detailed information about the Anti-Phishing event, including a description of the event, how the event is logged, and any remediation or security risks. |
|
Includes detailed information about the Manage Add-ons event, including a description of the event, how the event is logged, and any remediation or security risks. |
|
Includes detailed information about the Protected Mode event, including a description of the event, how the event is logged, and any remediation or security risks. |
|
Includes detailed information about the Cascading Style Sheet (CSS Fixes) event, including a description of the event, how the event is logged, and any remediation or security risks. |
|
Includes detailed information about the UIPI Extension Blocked event, including a description of the event, how the event is logged, and any remediation or security risks. |
|
Includes detailed information about the UIPI Cross Process Window Message event, including a description of the event, how the event is logged, and any remediation or security risks. |
|
Includes detailed information about the Cross-Site Scripting Filter event, including a description of the event, how the event is logged, and any remediation or security risks. |
|
Includes detailed information about the Intranet at Medium Integrity Level event, including a description of the event, how the event is logged, and any remediation or security risks. |
|
Includes detailed information about the Data Execution Prevention/No Execute (DEP/NX) Crash Recovery event, including a description of the event, how the event is logged, and any remediation or security risks. |
|
Includes detailed information about the Standards Mode event, including a description of the event, how the event is logged, and any remediation or security risks. |
|
Includes detailed information about the File Name Restriction event, including a description of the event, how the event is logged, and any remediation or security risks. |
|
Includes detailed information about the Codepage Sniffing event, including a description of the event, how the event is logged, and any remediation or security risks. |
|
Includes detailed information about the Ajax Navigation event, including a description of the event, how the event is logged, and any remediation or security risks. |
|
Includes detailed information about the Application Protocol event, including a description of the event, how the event is logged, and any remediation or security risks. |
|
Includes detailed information about the Windows Reuse Navigation Restriction event, including a description of the event, how the event is logged, and any remediation or security risks. |
|
Event 1063 - MIME Restrictions - Authoritative Content Type Handling |
Includes detailed information about the MIME Restrictions - Authoritative Content Type Handling event, including a description of the event, how the event is logged, and any remediation or security risks. |
Event 1064 - MIME Sniffing Restrictions - No Image Elevation to HTML |
Includes detailed information about the MIME Sniffing Restrictions - No Image Elevation to HTML event, including a description of the event, how the event is logged, and any remediation or security risks. |
Includes detailed information about the Web Proxy Error Handling Changes event, including a description of the event, how the event is logged, and any remediation or security risks. |
|
Includes detailed information about the Certificate Filtering event, including a description of the event, how the event is logged, and any remediation or security risks. |
See Also
Concepts
Using the Internet Explorer Compatibility Test Tool
Phase 3: Testing and Mitigating Your Compatibility Issues