Internet Explorer Security
Other versions of this page are also available for the following:
.gif "A hyphen indicates that the information in this topic is not relevant for this platform, or that the platform does not support the API that is listed.")
.gif "A checkmark indicates that the information in this topic is relevant for this platform, and that any API listed is also supported on this platform.")
8/28/2008
Microsoft® Internet Explorer supports Kerberos, Transport Layer Security (TLS) 1.0, Secure Sockets Layer (SSL) versions 2.0 and 3.0, and Server Gated Crypto (SGC) security protocols. These protocols are available through WinInet or directly from Winsock. In addition, WinInet provides server and proxy authentication for HTTP sessions and client-side use of the Passport Authentication Protocol.
Best Practices
Help create safe ActiveX controls
Internet Explorer for Windows Embedded CE does not support downloading of Microsoft ActiveX® controls. However, there is still the possibility that any ActiveX controls that are already installed on the device can be misused, either intentionally or unintentionally. Any ActiveX control that is part of your Web application must implement IObjectSafety and, when possible, limit the context in which the ActiveX control can be run. For information about how to create more secure ActiveX controls, and safe initialization of controls, see Developing Secure ActiveX Controls.
Use authentication
If your OS design supports NTLM or Kerberos authentication, use one of these mechanisms instead of Basic authentication for better security.
Use Secure Sockets Layer (SSL)
SSL protocol helps protect data from packet sniffing by anyone with physical access to the network. For more information, see SSL Support.
The following topics contain security information about WinInet and URL Moniker services:
Default Registry Settings
Some registry settings for URL Monikers may have security implications. The registry settings documentation contains Security Note entries with information about security issues.
For information about default registry settings see Internet Explorer 6 Registry Settings.
Ports
The following table shows the default ports that are used by Internet Explorer: A user can also specify a port in a URL, by using the format <protocol>://<host>:<port-number>[<path>]. If the specified port is available at the server, it will be used instead of the default.
| Protocol | Default Port Number |
|---|---|
FTP |
21 |
HTTP |
80 |
HTTPS |
443 |
SOCKS (firewall servers) |
1080 |