IE Win XP SP2 guidance
This paper came out recently and examines the state of Web browser security and the correlation between a browser’s vulnerability and its advanced functionality.
http://www.microsoft.com/downloads/details.aspx?FamilyId=E550F940-37A0-4541-B5E2-704AB386C3ED&displaylang=en
A few interesting sections with their page numbers:
Security Versus Functionality 5
Default Settings & Patches 6
Browser Attacks: How They Work 8
Embedding Malicious Code in Web Pages and Sites 8
URL Spoofing 8
Internet Explorer Service Pack 2 Security Enhancements 16
Local Machine Zone Lockdown 16
Zone Elevation Blocks 16
Consistent MIME Handling and MIME Sniffing 17
Preventing URL spoofing 17
Secure Download Management 18
Pop-up Window Controls 19
Add-on Management 20
The Future of Browser Security Including Internet Explorer 7 Enhancements 22
