Tag: Computer Configuration
Allow updates to status bar via script
This policy setting allows you to manage whether script is allowed to update the status bar within the zone. If you enable this policy setting script is allowed to update the status bar. If you disable or do not configure this policy setting script is not allowed to update the status bar.
Turn on Protected Mode
This policy setting allows you to turn on Protected Mode. Protected Mode helps protect Internet Explorer from exploited vulnerabilities by reducing the locations that Internet Explorer can write to in the registry and the file system. If you enable this policy setting Protected Mode is turned on. The user cannot turn off Protected Mode. If you disable this policy setting Protected Mode is turned off. The user cannot turn on Protected Mode. If you do not configure this policy setting the user can turn on or turn off Protected Mode.
Turn off first-run prompt
This policy setting controls the first-run response that the user sees on a zone-by-zone basis. When the user encounters a new control that has not previously run in Internet Explorer he or she may be prompted to approve the control. This policy setting determines whether the user is prompted. If you enable this policy setting the first-run prompt is turned off in the corresponding zone. If you disable this policy setting the first-run prompt is turned on in the corresponding zone. If you do not configure this policy setting the first-run prompt is turned off by default.
Web sites in less privileged Web content zones can navigate into this zone
This policy setting allows you to manage whether Web sites from less privileged zones such as Internet sites can navigate into this zone. If you enable this policy setting Web sites from less privileged zones can open new windows in or navigate into this zone. The security zone will run without the added layer of security that is provided by the Protection from Zone Elevation security feature. If you select Prompt in the drop-down box a warning is issued to the user that potentially risky navigation is about to occur. If you disable this policy setting the possibly harmful navigations are prevented. The Internet Explorer security feature will be on in this zone as set by Protection from Zone Elevation feature control. If you do not configure this policy setting the possibly harmful navigations are prevented. The Internet Explorer security feature will be on in this zone as set by Protection from Zone Elevation feature control.
Allow websites to open windows without status bar or Address bar
This policy setting controls whether websites can open new Internet Explorer windows that have no status bar or Address bar. If you enable this policy setting websites can open new Internet Explorer windows that have no status bar or Address bar. If you disable this policy setting websites cannot open new Internet Explorer windows that have no status bar or Address bar. If you do not configure this policy setting the user can choose whether websites can open new Internet Explorer Windows that have no status bar or Address bar.
Allow video and animation on a webpage that uses an older media player
This policy setting allows the playing of video and animation through older media players in specified zones. Video and animation playback through the object tag may still be allowed because this involves external controls or media players. The dynsrc attribute on the img tag specifies an older media player. Also as of Internet Explorer 8 this policy setting controls HTML+TIME media elements that refer to audio and video files. If you enable this policy setting video and animation can be played through older media players in specified zones. If you disable this policy setting video and animation cannot be played through older media players. If you do not configure this policy setting video and animation can be played through older media players in specified zones.
Allow scriptlets
This policy setting allows you to manage whether the user can run scriptlets. If you enable this policy setting the user can run scriptlets. If you disable this policy setting the user cannot run scriptlets. If you do not configure this policy setting the user can enable or disable scriptlets.
Software channel permissions
This policy setting allows you to manage software channel permissions. If you enable this policy setting you can choose the following options from the drop-down box. Low safety to allow users to be notified of software updates by e-mail software packages to be automatically downloaded to users’ computers and software packages to be automatically installed on users’ computers. Medium safety to allow users to be notified of software updates by e-mail and software packages to be automatically downloaded to (but not installed on) users’ computers. High safety to prevent users from being notified of software updates by e-mail software packages from being automatically downloaded to users’ computers and software packages from being automatically installed on users’ computers. If you disable this policy setting permissions are set to high safety. If you do not configure this policy setting permissions are set to Low safety.
Submit non-encrypted form data
This policy setting allows you to manage whether data on HTML forms on pages in the zone may be submitted. Forms sent with SSL (Secure Sockets Layer) encryption are always allowed; this setting only affects non-SSL form data submission. If you enable this policy setting information using HTML forms on pages in this zone can be submitted automatically. If you select Prompt in the drop-down box users are queried to choose whether to allow information using HTML forms on pages in this zone to be submitted. If you disable this policy setting information using HTML forms on pages in this zone is prevented from being submitted. If you do not configure this policy setting information using HTML forms on pages in this zone can be submitted automatically.
Run . NET Framework-reliant components not signed with Authenticode
This policy setting allows you to manage whether . NET Framework components that are not signed with Authenticode can be executed from Internet Explorer. These components include managed controls referenced from an object tag and managed executables referenced from a link. If you enable this policy setting Internet Explorer will execute unsigned managed components. If you select Prompt in the drop-down box Internet Explorer will prompt the user to determine whether to execute unsigned managed components. If you disable this policy setting Internet Explorer will not execute unsigned managed components. If you do not configure this policy setting Internet Explorer will not execute unsigned managed components.