Category: At least Internet Explorer 10.0

This policy setting allows you to choose whether users will be notified if Internet Explorer is not the default web browser. If you enable this policy setting users will be notified if Internet Explorer is not the default web browser. Users cannot change the setting. If you disable this policy setting users will not be notified if Internet Explorer is not the default web browser. Users cannot change the setting. If you do not configure this policy setting users can choose whether to be notified that Internet Explorer is not the default web browser through the Tell me if Internet Explorer is not the default web browser check box on the Programs tab in the Internet Options dialog box. Note that starting with Internet Explorer 10 on Windows 8 the check box is located on the Advanced tab in the Internet Options dialog box. For more information see “Group Policy Settings in Internet Explorer 10” in the Internet Explorer TechNet library.

This policy setting shows the Content Advisor setting on the Content tab of the Internet Options dialog box. If you enable this policy setting Internet Explorer displays the Content Advisor setting on the Content tab of the Internet Options dialog box. Users can change Content Advisor settings. If you disable or do not configure this policy setting Internet Explorer does not display the Content Advisor setting on the Content tab of the Internet Options dialog box.

Enhanced Protected Mode provides additional protection against malicious websites by using 64-bit processes on 64-bit versions of Windows. For computers running at least Windows 8 Enhanced Protected Mode also limits the locations Internet Explorer can read from in the registry and the file system. If you enable this policy setting Enhanced Protected Mode will be turned on. Any zone that has Protected Mode enabled will use Enhanced Protected Mode. Users will not be able to disable Enhanced Protected Mode. If you disable this policy setting Enhanced Protected Mode will be turned off. Any zone that has Protected Mode enabled will use the version of Protected Mode introduced in Internet Explorer 7 for Windows Vista. If you do not configure this policy users will be able to turn on or turn off Enhanced Protected Mode on the Advanced tab of the Internet Options dialog.

This policy setting prevents ActiveX controls from running in Protected Mode when Enhanced Protected Mode is enabled. When a user has an ActiveX control installed that is not compatible with Enhanced Protected Mode and a website attempts to load the control Internet Explorer notifies the user and gives the option to run the website in regular Protected Mode. This policy setting disables this notification and forces all websites to run in Enhanced Protected Mode. Enhanced Protected Mode provides additional protection against malicious websites by using 64-bit processes on 64-bit versions of Windows. For computers running at least Windows 8 Enhanced Protected Mode also limits the locations Internet Explorer can read from in the registry and the file system. When Enhanced Protected Mode is enabled and a user encounters a website that attempts to load an ActiveX control that is not compatible with Enhanced Protected Mode Internet Explorer notifies the user and gives the option to disable Enhanced Protected Mode for that particular website. If you enable this policy setting Internet Explorer will not give the user the option to disable Enhanced Protected Mode. All Protected Mode websites will run in Enhanced Protected Mode. If you disable or do not configure this policy setting Internet Explorer notifies users and provides an option to run websites with incompatible ActiveX controls in regular Protected Mode. This is the default behavior.

This policy setting allows you to configure how Internet Explorer sends the Do Not Track (DNT) header. If you enable this policy setting Internet Explorer sends a DNT:1 header with all HTTP and HTTPS requests. The DNT:1 header signals to the servers not to track the user. For Internet Explorer 9 and 10:If you disable this policy setting Internet Explorer only sends the Do Not Track header if a Tracking Protection List is enabled or inPrivate Browsing mode is used. For at least Internet Explorer 11:If you disable this policy setting Internet Explorer only sends the Do Not Track header if inPrivate Browsing mode is used. If you don’t configure the policy setting users can select the Always send Do Not Track header option in Internet Explorer settings. By selecting this option Internet Explorer sends a DNT:1 header with all HTTP and HTTPS requests; unless the user grants a site-specific exception. Internet Explorer sends a DNT:0 header to any sites granted an exception. By default this option is turned on.