How well Internet Explorer--or any Web browser, for that matter--protects against attacks and malware greatly depends on whether you keep it up to date and have the right security settings. Here's how to take the proper security measures with Internet Explorer 9 and 10.
Upgrade to the latest version of IE
Although switching to a new version of your browser can take some getting used to--what with its various interface and feature changes--new security features are often worth the annoyance. So it's a good idea to upgrade to newer versions when available.
IE 10 is the latest version, and it comes bundled with Windows 8. Microsoft also offers IE 10 for those running Windows 7 with Service Pack 1 installed. But if you're running Windows Vista, you're stuck with using IE 9.
To determine whether the latest possible version of IE is installed, open IE, press the key, open the Help menu, and then select About Internet Explorer.
Download IE updates
No matter which version of Windows or IE you're running, you should have all the latest IE updates installed. These updates typically patch known security holes and vulnerabilities. Open IE, press the key, select the Tools menu, and then select Windows Update. If you're using Windows 8, open IE in the desktop interface.
In the Windows Update window that follows, click Check for Updates, and install IE or other updates. To ensure you stay up-to-date in the future, consider having updates installed automatically.
Check for add-on updates
Many browser attacks exploit security vulnerabilities that affect popular add-ons like Adobe Flash Player or Java, so you should install updates for those as soon as you get the update nag message. Also consider periodically running a scan with free tools like Qualys BrowserCheck or Secunia Personal Software Inspector (PSI) to make doubly sure that you haven't missed any updates.
Verify or adjust security levels
IE lets you set custom security settings for different zones: Internet, Local Intranet, Trusted Sites, and Restricted Sites. When you visit a website, IE automatically classifies it as in the Internet zone. The exceptions are websites hosted by your local network (say, a site set up for use on your company's network)--then it's Local Intranet--or sites that you've added to the Trusted or Restricted lists beforehand. You can set each zone to a predefined security level and customize the settings as well.
Though IE sets each zone to an acceptable level by default, you may want to double-check your settings for each zone and even turn them up for greater protection. Open IE, press the key, select the Tools menu, and click Internet Options. If you're using Windows 8, open IE from the traditional desktop interface to get at these options.
Sign up for CIO Asia eNewsletters.