The Medium security level applies these settings:
- ActiveX controls and plug-ins
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disable
Initialize and script ActiveX controls not marked as safe: Disable
Run ActiveX controls and plug-ins: Enable
Script ActiveX controls marked safe for scripting: Enable
- Downloads
File download: Enable
Font download: Enable
- Microsoft VM
Java permissions: High safety
- Miscellaneous
Access data sources across domains: Disable
Allow META refresh: Enable
Display mixed content: Enable
Don't prompt for client certificate selection when no
certificates or only one certificate exists: Disable
Drag and drop or copy and paste files: Enable
Installation of desktop items: Disable
Launching programs and files in an IFRAME: Disable
Navigate sub-frames across different domains: Enable
Software channel permissions: Medium safety
Submit non-encrypted form data: Enable
Userdata persistence: Enable
- Scripting
Active scripting: Enable
Allow paste operations via scripts: Enable
Scripting of Java applets: Enable
- User authentification
Logon: Prompt for user name and password
- Cookies
Persistent cookies: Enable
Session cookies: Enable
