Skip to the content of the web site.

Browser Recommendations

2006/07/27 - 2008/04/18

This is a demo page to show the advice that would be given if your browser were:

Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)

Microsoft Internet Explorer: the current recommended version is version 7.0 and is only available for Windows XP and later systems. You are not running a recommended version. Patches for various products including the browser are available at the Microsoft Update Center. We cannot determine your patch level. You should have your system configured for automatic updates so patches are applied regularly.

Improving Security: Microsoft has an article to help you Improve the safety of your browsing and e-mail activities and see the US-CERT recommendations in Securing Your Web Browser. You should take the time to read and implement those recommendations. The most important issue is security "zones" -- the "internet" zone should not be trusted, use the "high" security level. A "medium" security level should only be used within the "trusted" zone.

Active-X: Internet Explorer is the only browser that supports Active-X -- this is a Microsoft method for running application images on your system (cf. Java and Javascript which are scripting languages). Active-X is especially dangerous and should not be enabled for sites other than the very few you trust. Active-X is required for patching through the Update Center -- add update.microsoft.com to your "Trusted Sites" and set the security level to "Medium".

Tool-bar Plugins: Google, Yahoo and other search engines offer tool-bar plugins. These are not recommended -- they add complexity where it's not required and will require maintenance. You can add search engines to your "Favorites". You do not need any tool-bar additions to stop irritating pop-up ads -- from the "Tools" menu use the "Pop-up Blocker". From the "Tools" menu you should use "Manage Add-Ons" to minimize additions to IE -- none are required, all present some risk and some may well be malicious.

JavaScript and Java: Many browsers support JavaScript and Java -- both have a history of security problems. Both should be disabled or only enabled at trusted sites. If enabled you should be very cautious about the sites you visit. Some browsers and many web sites rely on JavaScript so this recommendation may be difficult.

Browser Plugins: Many browser support the addition of plugins like Java, Flash, Shockwave, QuickTime, etc. These plugins come with security problems of their own and will require periodic updates. We recommend you avoid installing any plugins unless you have strong requirements. Further that you only use these plugins at trusted sites.

Automatic Updates: Patches for Microsoft Windows, including core components like the IE browser, are available at the Microsoft Update Center (you will need to be an administrator to apply updates). It is essential that you have your system and browser patched as many security problems have been identified. We recommend that you configure your system for automatic patching -- see the Microsoft articles on Automatic Updates and the Windows/XP Security Center.

Least Privilege: On many Windows systems users login with "Power User" or "Administrator" privileges -- this is a dangerous practice . You should have ordinary user account with no special privileges and use that account for everyday tasks. Use the account with administrator privileges only when installing new software, changing system configurations, and other important tasks.

Recommended OS: We recommend Windows XP/SP2 on the desktop and discourage all older Windows operating systems (viz, Windows 95, 98, ME, NT 4 and Windows 2000). There is very little support for those systems from the vendor. We understand that IE 7 will only be released for the current supported environment and will not be available on these older systems. You are running on Windows NT 5.1 (XP) -- that is a recommended platform.

Be careful: You should be careful about the web sites you visit. Many compromises can be traced to malicious content hosted at dubious web sites offering "free" services -- pornography sites are notorious.

Finally: This document is an incomplete work in progress, if you have any security advice to share please do. Your comments are appreciated and will help others.

See Also: We have similar advice documents on other browsers including Blackberry, Camino (OS X), Firefox, KDE Konqueror (Linux/FreeBSD), Lynx (Unix), Opera (Windows/Linux), Internet Explorer, Mozilla, Safari and SeaMonkey.

(by) Reg Quinton, Information Systems and Technology