Microsoft Windows XP Home Edition - Zenk - Security - Repository
25.01.2013 Views
Share Embed Flag

Microsoft Windows XP Home Edition - Zenk - Security - Repository

Microsoft Windows XP Home Edition - Zenk - Security - Repository

Microsoft Windows XP Home Edition - Zenk - Security - Repository

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
repo.zenk.security.com

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

<strong>Microsoft</strong> <strong>Windows</strong> <strong>XP</strong> <strong>Home</strong> <strong>Edition</strong><br />

<strong>Security</strong> Implementation<br />

Version 1.4b Option 1<br />

Drag and Drop or Copy and Past Files<br />

This option is enabled by default for Local and Trusted Sites. The<br />

issue with having this enabled is that a file could potentially have a<br />

script or control to move from a restricted site to a lower security<br />

site where it can do what it wants. Unless you are 100% confident<br />

in your Trusted or Local Site you should consider changing this to<br />

Prompt.<br />

Installation of desktop items<br />

This option is enabled by default only in the Trusted zone. This<br />

option allows you to protect yourself against a security vulnerability<br />

Key fingerprint<br />

that<br />

= AF19<br />

could<br />

FA27<br />

allow<br />

2F94<br />

a user<br />

998D<br />

to<br />

FDB5<br />

gain<br />

DE3D<br />

unauthorized<br />

F8B5 06E4<br />

privileges<br />

A169 4E46<br />

on your<br />

computer.<br />

Launching programs and files in an IFrame<br />

IFrames are in-line, floating frames that are often used for pop-up<br />

windows. Some security problems related to IFrames have been<br />

buffer overflows and hostile scripts. This option is enabled by<br />

default only in the Trusted zone.<br />

Software Channel Permissions<br />

This option controls the permissions given to software distribution<br />

channels. There are three levels that this option can be set at.<br />

High Safety. This option will prevent you from being notified about<br />

software updates by e-mail and keeps software from being<br />

automatically downloaded and installed. Medium Safety. This<br />

option will allow you to receive e-mails and downloads as long as<br />

they are digitally signed. There is no automatic installation with this<br />

option. Low Safety. This option will allow you to receive e-mail<br />

notification and will automatically download and install the software.<br />

Submit non-encrypted form data<br />

This option affects the transmission of forms data over non-SSL<br />

connections. You can have this option Disabled, Enabled, or<br />

Prompt. Disabling this option will disable the transmissions,<br />

Enabling this option will allow the transmissions, and Prompting will<br />

prompt you to see if you want to perform this or not.<br />

© SANS Institute 2003, Author retains full rights<br />

Userdata Persistence<br />

This option allows web sites to create XML files that store personal<br />

data for reuse by the web site. This is enabled in all the zones<br />

Key fingerprint except = AF19 Restricted. FA27 2F94 998D This is FDB5 not a DE3D security F8B5 risk 06E4 because A169 4E46 you choose<br />

what information to provide to the web site.<br />

Page 40 of 53<br />

© SANS Institute 2003, As part of the Information <strong>Security</strong> Reading Room. Author retains full rights.

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!