Author: admin

File Explorer and Internet Explorer may be configured to prevent active content obtained through restricted protocols from running in an unsafe manner. This policy setting controls whether restricting content obtained through restricted protocols is prevented or allowed. If you enable this policy setting restricting content obtained through restricted protocols is allowed for File Explorer and Internet Explorer processes. For example you can restrict active content from pages served over the http and https protocols by adding the value names http and https. If you disable this policy setting restricting content obtained through restricted protocols is prevented for File Explorer and Internet Explorer processes. If you do not configure this policy setting the policy setting is ignored.

Internet Explorer may be configured to prevent active content obtained through restricted protocols from running in an unsafe manner. This policy setting controls whether restricting content obtained through restricted protocols is prevented or allowed. If you enable this policy setting restricting content obtained through restricted protocols is allowed for all processes other than File Explorer or Internet Explorer. If you disable this policy setting restricting content obtained through restricted protocols is prevented for all processes other than File Explorer or Internet Explorer. If you do not configure this policy setting no policy is enforced for processes other than File Explorer and Internet Explorer.

The MK Protocol Security Restriction policy setting reduces attack surface area by preventing the MK protocol. Resources hosted on the MK protocol will fail. This policy setting allows administrators to define applications for which they want this security feature to be prevented or allowed. If you enable this policy setting and enter a Value of 1 use of the MK protocol is prevented. If you enter a Value of 0 use of the MK protocol is allowed. If a Value Name is empty or the Value is not 0 or 1 the policy setting is ignored. Do not enter the Internet Explorer processes in this list: use the related Internet Explorer Processes policy to enable or disable IE processes. If the All Processes policy setting is enabled the processes configured in this box take precedence over that setting. If you disable or do not configure this policy setting the policy setting is ignored.

The MK Protocol Security Restriction policy setting reduces attack surface area by preventing the MK protocol. Resources hosted on the MK protocol will fail. If you enable this policy setting the MK Protocol is prevented for File Explorer and Internet Explorer and resources hosted on the MK protocol will fail. If you disable this policy setting applications can use the MK protocol API. Resources hosted on the MK protocol will work for the File Explorer and Internet Explorer processes. If you do not configure this policy setting the MK Protocol is prevented for File Explorer and Internet Explorer and resources hosted on the MK protocol will fail.

The MK Protocol Security Restriction policy setting reduces attack surface area by preventing the MK protocol. Resources hosted on the MK protocol will fail. If you enable this policy setting the MK Protocol is disabled for all processes. Any use of the MK Protocol is blocked. If you disable or do not configure this policy setting the MK Protocol is enabled.