Open Tools menu (Alt+T in Internet Explorer 8 and Alt+X in Internet Explorer 9, 10 and 11) and choose Internet Options. If Menu or Command bars are not visible, press ALT key on keyboard once to make menus visible.
In Windows 8 and 8.1, the settings below are shared between Desktop and Modern UI/Metro versions of Internet Explorer.
In Windows 10, Microsoft Edge has its own separate settings.
Open Security tab and click the Reset all zones to default level button, unless it is grayed out (the latter means that all zones are already at default level).
Windows Vista, 7, 8, 8.1 and 10 users should also make sure that the Enable Protected Mode (requires restarting Internet Explorer) option is on for the Internet and the Restricted sites zones - this defends your device from malicious software and drive-by attacks on the Internet. This options is not available in Windows XP.
Click Privacy tab. Make sure that the Settings slider is set to Medium. If not, click the Default button. This sets a reasonable policy for allowing and disallowing cookies.
This button is not available in Windows 10's Internet Explorer 11.
For Internet Explorer 9, 10 and 11 users, there is another option here - Never allow websites to request your physical location. Most privacy-aware people should click to check this box.
I strongly recommend using this settings, because geolocation security and privacy are still misused and you should prevent malicious sites from tracking your physical location. If the Clear sites button is not disabled (grayed out), click it to remove stored location data.
Open Content tab and click the Settings button in AutoComplete section.
Here in the AutoComplete Settings window, you can leave everything on except for the Ask me before saving passwords option. This is very important because malware can easily steal all user names and passwords for sites you have visited (including your bank!).
If you have already saved some passwords or you want to be sure that no passwords are stored in Internet Explorer, click the Delete AutoComplete history button.
Clear everything except for the Passwords check box and then click Delete. This will clear saved passwords and close the Delete Browsing History window.
Click OK to close AutoComplete Settings window.
Next, move on to the Advanced tab. This is a long list of advanced settings, try to configure settings like on pictures. I will cover security-related settings here.
In the Browsing section, turn on the Enable third-party browser extensions option to allow third-party security add-ons.
If Internet Explorer crashes or will not start after enabling third-party extensions, turn the Enable third-party browser extensions off again (open Control Panel and double-click Internet Options) and start troubleshooting.
The Security section is certainly the most important part.
Always turn off settings named Allow active content from CDs to run on My Computer, Allow active content to run in files on My Computer and Allow software to run or install even if the signature is invalid! Enabling these options gives a hearty welcome to viruses and malware.
The Check for publisher's certificate revocation and the Check for server certificate revocation options should be enabled to prevent malware from using stolen or outdated security certs.
Always enable the Check for signatures on downloaded programs setting- this one helps to identify malware that disguises as legal software.
Ticking the Do not save encrypted pages to disk check box keeps your sensitive personal information in online banks and other services away from your computer's hard drive and avoids private data disclosures.
Internet Explorer 9 and later users might still need to leave the feature disabled, because it causes trouble while downloading files from secure webpages (IE either "fails to connect" or downloads a web page instead of the requested file).
Always activate the new protection methods Enable memory protection to help mitigate online attacks and Enable SmartScreen Filter (or Enable Windows Defender SmartScreen in Windows 10 Creators Update and newer). The first one turns on DEP (Data Execution Prevention) system that blocks possible attacks through infected web pages. The second one warns you about malicious websites and downloads. These settings do a lot to keep you safe.
Turn on the Use TLS 1.0, Use TLS 1.1 and Use TLS 1.2 (the latter two are available since Internet Explorer 10) options to protect secure web traffic (HTTPS protocol) from known weaknesses.
Always clear the Use SSL 2.0 and Use SSL 3.0 boxes. The first one is not used anymore (this option has disappeared in newest Windows versions), and the latter one is used by only a fraction of web servers.
Tick the Warn about certificate address mismatch check box to help identifying malicious web sites that pretend to be legal.
In Internet Explorer 10 and newer, there are two new important options. First one, Always send Do Not Track header prevents advertisers from tracking your online behavior and should always be enabled.
The Enable Enhanced Protected Mode (aka Sandboxing) and Enable 64-bit processes for Enhanced Protected Mode (available only on 64-bit Windows) options deny access to local drives and Registry unless a user specifically asks for it. This is very useful in blocking malware that spreads using zero-day exploits or unpatched security bugs. But please be aware that this setting might also prevent several security add-ons from running until specific updates are released!
Scroll all the way down and clear the Warn if changing between secure and not secure mode box. Then make sure that the Warn if POST submittal is redirected to a zone that does not permit posts check box is ticked.
Here you see that Internet Explorer 11 has the Do Not Track option renamed to Send Do Not Track requests to sites you visit in Internet Explorer. Enable it.
The Enable Strict P3P Validation check box is available in Internet Explorer 10 and 11 only. It should be cleared, because only IE supports it and the feature is difficult to implement on web sites. You can read more about P3P in this Wikipedia article if you have spare time.
Click OK to close the Internet Options dialog. You might have to restart Internet Explorer for all settings to take effect.