Securing Internet Explorer
Open Tools menu (Alt+T in Internet Explorer 8 and Alt+X in Internet Explorer 9, 10 and 11) and choose Internet Options. If Menu or Command bars are not visible, press ALT key on keyboard once to make menus visible.
In Windows 8 and 8.1, the settings below are shared between Desktop and Modern UI/Metro versions of Internet Explorer.
Open Security tab and click Reset all zones to default level, if the button is not grayed out (the latter means that all zones are already at default level).
Windows Vista, 7, 8 and 8.1 users should also make sure that Enable Protected Mode (requires restarting Internet Explorer) is on for Internet and Restricted sites zones - this defends your computer from malicious software and drive-by attacks on the Internet. This options is not available in Windows XP.
Click Privacy tab. Make sure that the Settings slider is set to Medium. If not, click the Default button. This sets a reasonable policy for allowing and disallowing cookies.
For Internet Explorer 9, 10 and 11 users, there is another option here - Never allow websites to request your physical location. Most privacy-aware people should click to check this box.
I strongly recommend using this settings, because geolocation security and privacy are still developing and you should prevent malicious sites from tracking your physical location. If the Clear sites button is not disabled (grayed out), click it to remove stored location data.
Open Content tab and click the Settings button in AutoComplete section.
Here in AutoComplete Settings window you can leave everything on except for the Ask me before saving passwords. This is very important because malware can easily steal all user names and passwords for sites you have visited (including your bank!). Use free Password Safe for remembering passwords instead.
If you have already saved some passwords or you want to be sure that no passwords are stored in Internet Explorer, click the Delete AutoComplete history... button.
Clear everything except Passwords and click Delete. This will clear saved passwords and close the Delete Browsing History window.
Click OK to close AutoComplete Settings window.
Next, open Advanced tab. This is a long list of advanced settings, try to configure settings like on pictures. We will cover security-related settings here.
In Browsing section, turn on the Enable third-party browser extensions setting to allow third-party security add-ons.
If your Internet Explorer crashes or will not start after enabling third-party extensions, turn Enable third-party browser extensions off again (open Control Panel and double-click Internet Options) and start troubleshooting: tutorials are available for Internet Explorer 8 , 9, 10 and 11.
Security section is certainly the most important part.
Always turn off settings named Allow active content from CDs to run on My Computer, Allow active content to run in files on My Computer and Allow software to run or install even if the signature is invalid! Enabling these options gives a hearty welcome to viruses and malware.
Check for publisher's certificate revocation and Check for server certificate revocation should be enabled to prevent malware from using stolen or outdated security certs.
Always enable Check for signatures on downloaded programs - this one helps to identify malware that disguises as legal software.
Enabling Do not save encrypted pages to disk keeps your sensitive personal information in online banks or other services away from your computer's hard drive and avoids private data disclosures.
Internet Explorer 9 and later users might still need to leave the feature disabled, because it causes trouble while downloading files from secure webpages (IE either "fails to connect" or downloads a web page instead of the requested file).
Always activate new protection methods Enable memory protection to help mitigate online attacks and Enable SmartScreen Filter. The first one turns on DEP (Data Execution Prevention) system that blocks possible attacks through infected web pages. The second one warns you about malicious websites and downloads. These settings do a lot to keep you safe.
Leave only Use TLS 1.0, Use TLS 1.1 and Use TLS 1.2 (the latter two are available since Internet Explorer 10) checked to protect secure web traffic (HTTPS protocol) from known weaknesses.
Always clear Use SSL 2.0 and Use SSL 3.0 boxes. The first one is not used anymore, and the latter one is used by only a fraction of web servers.
Tick the Warn about certificate address mismatch check box, too. It helps to identify malicious web sites that pretend to be perfectly legal.
In Internet Explorer 10, there are two new important options. First one, Always send Do Not Track header prevents advertisers from tracking your online behavior and should always be enabled.
The Enable Enhanced Protected Mode (aka Sandboxing) and Enable 64-bit processes for Enhanced Protected Mode (available only on 64-bit Windows) options deny access to local drives and Registry unless a user specifically asks for it. This is very useful in blocking malware that spreads using zero-day exploits or unpatched security bugs. But please be aware that this setting might also prevent several security add-ons from running until specific updates are released!
Scroll all the way down and clear the Warn if changing between secure and not secure mode box. Then make sure that the Warn if POST submittal is redirected to a zone that does not permit posts box is checked.
Here you see that Internet Explorer 11 has the Do Not Track option renamed to Send Do Not Track requests to sites you visit in Internet Explorer. Enable it.
The Enable Strict P3P Validation check box is available in Internet Explorer 10 and 11 only. It should be cleared, because only IE supports it and the feature is difficult to implement on web sites. You can read more about P3P in this Wikipedia article if you have spare time.
Click OK to close the Internet Options dialog. You might have to restart Internet Explorer for all settings to take effect.
Additional free security plugins for Internet Explorer
To stay away from malicious sites and downloads, use WOT Safe Surfing Tool. It also shows site ratings in search engine results (Google, Bing, etc) and on Facebook and Twitter.
Use Trusteer Rapport (aka Trusteer Endpoint Protection) for securing your account data and money from data-stealing malware.