Category: At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1

This policy setting allows you to manage whether the Notification bar is displayed for Internet Explorer processes when file or code installs are restricted. By default the Notification bar is displayed for Internet Explorer processes. If you enable this policy setting the Notification bar will be displayed for Internet Explorer Processes. If you disable this policy setting the Notification bar will not be displayed for Internet Explorer processes. If you do not configure this policy setting the Notification bar will be displayed for Internet Explorer Processes.

Internet Explorer places zone restrictions on each Web page it opens which are dependent upon the location of the Web page (Internet Intranet Local Machine zone etc. ). Web pages on the local computer have the fewest security restrictions and reside in the Local Machine zone. Local Machine zone security applies to all local files and content. This feature helps to mitigate attacks where the Local Machine zone is used as an attack vector to load malicious HTML code. If you enable this policy setting the Local Machine zone security applies to all local files and content processed by any process other than Internet Explorer or those defined in a process list. If you disable or do not configure this policy setting Local Machine zone security is not applied to local files or content processed by any process other than Internet Explorer or those defined in a process list.

This policy setting allows you to manage whether the Notification bar is displayed for specific processes when file or code installs are restricted. By default the Notification bar is not displayed for any process when file or code installs are restricted (except for the Internet Explorer Processes for which the Notification bar is displayed by default). If you enable this policy setting and enter a Value of 1 the Notification bar is displayed. If you enter a Value of 0 the Notification bar is not displayed. The Value Name is the name of the executable. If a Value Name is empty or the Value is not 0 or 1 the policy setting is ignored. Do not enter the Internet Explorer processes in this list: use the related Internet Explorer Processes policy to enable or disable for IE processes. If the All Processes policy setting is enabled the processes configured in this box take precedence over that setting. If you disable or do not configure this policy setting the Notification bar is not displayed for the specified processes.

Internet Explorer places zone restrictions on each Web page it opens which are dependent upon the location of the Web page (Internet Intranet Local Machine zone etc. ). Web pages on the local computer have the fewest security restrictions and reside in the Local Machine zone. Local Machine zone security applies to all local files and content processed by Internet Explorer. This feature helps to mitigate attacks where the Local Machine zone is used as an attack vector to load malicious HTML code. If you enable this policy setting the Local Machine zone security applies to all local files and content processed by Internet Explorer. If you disable this policy setting Local Machine zone security is not applied to local files or content processed by Internet Explorer. If you do not configure this policy setting the Local Machine zone security applies to all local files and content processed by Internet Explorer.

Internet Explorer uses Multipurpose Internet Mail Extensions (MIME) data to determine file handling procedures for files received through a Web server. This policy setting determines whether Internet Explorer requires that all file-type information provided by Web servers be consistent. For example if the MIME type of a file is text/plain but the MIME sniff indicates that the file is really an executable file Internet Explorer renames the file by saving it in the Internet Explorer cache and changing its extension. This policy setting allows administrators to define applications for which they want this security feature to be prevented or allowed. If you enable this policy setting and enter a Value of 1 MIME handling is in effect. If you enter a Value of 0 file-type information is allowed to be inconsistent. The Value Name is the name of the executable. If a Value Name is empty or the Value is not 0 or 1 the policy setting is ignored. Do not enter the Internet Explorer processes in this list: use the related Internet Explorer Processes policy to enable or disable IE processes. If the All Processes policy setting is enabled the processes configured in this box take precedence over that setting. If you disable or do not configure this policy setting the security feature is allowed.

Internet Explorer uses Multipurpose Internet Mail Extensions (MIME) data to determine file handling procedures for files received through a Web server. This policy setting determines whether Internet Explorer requires that all file-type information provided by Web servers be consistent. For example if the MIME type of a file is text/plain but the MIME sniff indicates that the file is really an executable file Internet Explorer renames the file by saving it in the Internet Explorer cache and changing its extension. If you enable this policy setting Internet Explorer requires consistent MIME data for all received files. If you disable this policy setting Internet Explorer will not require consistent MIME data for all received files. If you do not configure this policy setting Internet Explorer requires consistent MIME data for all received files.

Internet Explorer uses Multipurpose Internet Mail Extensions (MIME) data to determine file handling procedures for files received through a Web server. This policy setting determines whether Internet Explorer requires that all file-type information provided by Web servers be consistent. For example if the MIME type of a file is text/plain but the MIME sniff indicates that the file is really an executable file Internet Explorer renames the file by saving it in the Internet Explorer cache and changing its extension. If you enable this policy setting Consistent Mime Handling is enabled for all processes. If you disable or do not configure this policy setting Consistent Mime Handling is prevented for all processes.