<html dir="ltr" xmlns:svg="http://www.w3.org/2000/svg" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape" gpmc_reportInitialized="false">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-16" />
<title>MSFT Internet Explorer 11 - Computer</title>
<!-- Styles -->
<style type="text/css">
                body    { background-color:#FFFFFF; border:1px solid #666666; color:#000000; font-size:68%; font-family:MS Shell Dlg; margin:0,0,10px,0; word-break:normal; word-wrap:break-word; }

                table   { font-size:100%; table-layout:fixed; width:100%; }

                td,th   { overflow:visible; text-align:left; vertical-align:top; white-space:normal; }

                .title  { background:#FFFFFF; border:none; color:#333333; display:block; height:24px; margin:0px,0px,0px,0px; padding-top:0px; position:relative; table-layout:fixed; z-index:5; }

                .he0_expanded    { background-color:#FEF7D6; border:1px solid #BBBBBB; color:#3333CC; cursor:hand; display:block; font-family:MS Shell Dlg; font-size:100%; font-weight:bold; height:2.25em; margin-bottom:-1px; margin-left:0px; margin-right:0px; padding-left:8px; padding-right:5em; padding-top:4px; position:relative; }

                .he1_expanded    { background-color:#A0BACB; border:1px solid #BBBBBB; color:#000000; cursor:hand; display:block; font-family:MS Shell Dlg; font-size:100%; font-weight:bold; height:2.25em; margin-bottom:-1px; margin-left:20px; margin-right:0px; padding-left:8px; padding-right:5em; padding-top:4px; position:relative; }

                .he0h_expanded   { background-color: #FEF0D0; border: 1px solid #BBBBBB; color: #000000; cursor: hand; display: block; font-family: MS Shell Dlg; font-size: 100%; font-weight: bold; height: 2.25em; margin-bottom: -1px; margin-left: 5px; margin-right: 0px; padding-left: 8px; padding-right: 5em; padding-top: 4px; position: relative;  }
                .he1h_expanded   { background-color: #7197B3; border: 1px solid #BBBBBB; color: #000000; cursor: hand; display: block; font-family: MS Shell Dlg; font-size: 100%; font-weight: bold; height: 2.25em; margin-bottom: -1px; margin-left: 10px; margin-right: 0px; padding-left: 8px; padding-right: 5em; padding-top: 4px; position: relative; }

                .he1    { background-color:#A0BACB; border:1px solid #BBBBBB; color:#000000; cursor:hand; display:block; font-family:MS Shell Dlg; font-size:100%; font-weight:bold; height:2.25em; margin-bottom:-1px; margin-left:20px; margin-right:0px; padding-left:8px; padding-right:5em; padding-top:4px; position:relative; }

                .he2    { background-color:#C0D2DE; border:1px solid #BBBBBB; color:#000000; cursor:hand; display:block; font-family:MS Shell Dlg; font-size:100%; font-weight:bold; height:2.25em; margin-bottom:-1px; margin-left:30px; margin-right:0px; padding-left:8px; padding-right:5em; padding-top:4px; position:relative; }

                .he3    { background-color:#D9E3EA; border:1px solid #BBBBBB; color:#000000; cursor:hand; display:block; font-family:MS Shell Dlg; font-size:100%; font-weight:bold; height:2.25em; margin-bottom:-1px; margin-left:40px; margin-right:0px; padding-left:11px; padding-right:5em; padding-top:4px; position:relative; }

                .he4    { background-color:#E8E8E8; border:1px solid #BBBBBB; color:#000000; cursor:hand; display:block; font-family:MS Shell Dlg; font-size:100%; font-weight:bold; height:2.25em; margin-bottom:-1px; margin-left:50px; margin-right:0px; padding-left:11px; padding-right:5em; padding-top:4px; position:relative; }

                .he4h   { background-color:#E8E8E8; border:1px solid #BBBBBB; color:#000000; cursor:hand; display:block; font-family:MS Shell Dlg; font-size:100%; font-weight:bold; height:2.25em; margin-bottom:-1px; margin-left:55px; margin-right:0px; padding-left:11px; padding-right:5em; padding-top:4px; position:relative; }

                .he4i   { background-color:#F9F9F9; border:1px solid #BBBBBB; color:#000000; display:block; font-family:MS Shell Dlg; font-size:100%; margin-bottom:-1px; margin-left:55px; margin-right:0px; padding-bottom:5px; padding-left:21px; padding-top:4px; position:relative; }

                .he2i   { background-color:#F9F9F9; border:1px solid #BBBBBB; color:#000000; display:block; font-family:MS Shell Dlg; font-size:100%; margin-bottom:-1px; margin-left:35px; margin-right:0px; padding-bottom:5px; padding-left:21px; padding-top:4px; position:relative;}
                .he5    { background-color:#E8E8E8; border:1px solid #BBBBBB; color:#000000; cursor:hand; display:block; font-family:MS Shell Dlg; font-size:100%; font-weight:bold; height:2.25em; margin-bottom:-1px; margin-left:60px; margin-right:0px; padding-left:11px; padding-right:5em; padding-top:4px; position:relative; }

                .he5h   { background-color:#E8E8E8; border:1px solid #BBBBBB; color:#000000; cursor:hand; display:block; font-family:MS Shell Dlg; font-size:100%; padding-left:11px; padding-right:5em; padding-top:4px; margin-bottom:-1px; margin-left:65px; margin-right:0px; position:relative; }

                .he5i   { background-color:#F9F9F9; border:1px solid #BBBBBB; color:#000000; display:block; font-family:MS Shell Dlg; font-size:100%; margin-bottom:-1px; margin-left:65px; margin-right:0px; padding-left:21px; padding-bottom:5px; padding-top: 4px; position:relative; }

                div .expando { color:#000000; text-decoration:none; display:block; font-family:MS Shell Dlg; font-size:100%; font-weight:normal; position:absolute; right:10px; text-decoration:underline; z-index: 0; }

                .he0 .expando { font-size:100%; }

                .info, .info3, .info4, .disalign  { line-height:1.6em; padding:0px,0px,0px,0px; margin:0px,0px,0px,0px; }

                .disalign TD                      { padding-bottom:5px; padding-right:10px; }

                .info TD                          { padding-right:10px; width:50%; }

                .info3 TD                         { padding-right:10px; width:33%; }

                .info4 TD, .info4 TH              { padding-right:10px; width:25%; }

                .info TH, .info3 TH, .info4 TH, .disalign TH { border-bottom:1px solid #CCCCCC; padding-right:10px; }

                .subtable, .subtable3             { border:1px solid #CCCCCC; margin-left:0px; background:#FFFFFF; margin-bottom:10px; }

                .subtable TD, .subtable3 TD       { padding-left:10px; padding-right:5px; padding-top:3px; padding-bottom:3px; line-height:1.1em; }

                .subtable TH, .subtable3 TH       { border-bottom:1px solid #CCCCCC; font-weight:normal; padding-left:10px; line-height:1.6em;  }

                .subtable .footnote               { border-top:1px solid #CCCCCC; }

                .subtable3 .footnote, .subtable .footnote { border-top:1px solid #CCCCCC; }

                .subtable_frame     { background:#D9E3EA; border:1px solid #CCCCCC; margin-bottom:10px; margin-left:15px; }

                .subtable_frame TD  { line-height:1.1em; padding-bottom:3px; padding-left:10px; padding-right:15px; padding-top:3px; }

                .subtable_frame TH  { border-bottom:1px solid #CCCCCC; font-weight:normal; padding-left:10px; line-height:1.6em; }

                .subtableInnerHead { border-bottom:1px solid #CCCCCC; border-top:1px solid #CCCCCC; }

                .explainlink            { color:#0000FF; text-decoration:none; cursor:hand; }

                .explainlink:hover      { color:#0000FF; text-decoration:underline; }

                .spacer { background:transparent; border:1px solid #BBBBBB; color:#FFFFFF; display:block; font-family:MS Shell Dlg; font-size:100%; height:10px; margin-bottom:-1px; margin-left:43px; margin-right:0px; padding-top: 4px; position:relative; }

                .filler { background:transparent; border:none; color:#FFFFFF; display:block; font:100% MS Shell Dlg; line-height:8px; margin-bottom:-1px; margin-left:53px; margin-right:0px; padding-top:4px; position:relative; }

                .container { display:block; position:relative; }

                .rsopheader { background-color:#A0BACB; border-bottom:1px solid black; color:#333333; font-family:MS Shell Dlg; font-size:130%; font-weight:bold; padding-bottom:5px; text-align:center; }

                .rsopname { color:#333333; font-family:MS Shell Dlg; font-size:130%; font-weight:bold; padding-left:11px; }

                .gponame{ color:#333333; font-family:MS Shell Dlg; font-size:130%; font-weight:bold; padding-left:11px; }

                .gpotype{ color:#333333; font-family:MS Shell Dlg; font-size:100%; font-weight:bold; padding-left:11px; }

                #uri    { color:#333333; font-family:MS Shell Dlg; font-size:100%; padding-left:11px; }

                #dtstamp{ color:#333333; font-family:MS Shell Dlg; font-size:100%; padding-left:11px; text-align:left; width:30%; }

                #objshowhide { color:#000000; cursor:hand; font-family:MS Shell Dlg; font-size:100%; font-weight:bold; margin-right:0px; padding-right:10px; text-align:right; text-decoration:underline; z-index:2; word-wrap:normal; }

                #gposummary { display:block; }

                #gpoinformation { display:block; }

                @media print {

                    #objshowhide{ display:none; }

                    body    { color:#000000; border:1px solid #000000; }

                    .title  { color:#000000; border:1px solid #000000; }

                    .he0_expanded    { color:#000000; border:1px solid #000000; }

                    .he1h_expanded   { color:#000000; border:1px solid #000000; }

                    .he1_expanded    { color:#000000; border:1px solid #000000; }

                    .he1    { color:#000000; border:1px solid #000000; }

                    .he2    { color:#000000; background:#EEEEEE; border:1px solid #000000; }

                    .he3    { color:#000000; border:1px solid #000000; }

                    .he4    { color:#000000; border:1px solid #000000; }

                    .he4h   { color:#000000; border:1px solid #000000; }

                    .he4i   { color:#000000; border:1px solid #000000; }

                    .he5    { color:#000000; border:1px solid #000000; }

                    .he5h   { color:#000000; border:1px solid #000000; }

                    .he5i   { color:#000000; border:1px solid #000000; }

                    }

</style>
<!-- Scripts -->
<script type="text/javascript" language="javascript">
/*
String "strShowHide(0/1)"
0 = Hide all mode.
1 = Show all mode.
*/

var windowsArray = new Array();
var strShowHide = 1;

//Localized strings

var strShow = "show";
var strHide = "hide";
var strShowAll = "show all";
var strHideAll = "hide all";
var strShown = "shown";
var strHidden = "hidden";
var strExpandoNumPixelsFromEdge = "10px";


function IsSectionHeader(obj) {
    return (obj.className === "he0_expanded") || (obj.className === "he0h_expanded") || (obj.className === "he1h_expanded") || (obj.className === "he1_expanded") || (obj.className === "he1") || (obj.className === "he2") || (obj.className === "he3") || (obj.className === "he4") || (obj.className === "he4h") || (obj.className === "he5") || (obj.className === "he5h");
}

function IsSectionExpandedByDefault(objHeader) {
    if (objHeader === null) {
        return false;
    } else {
        return (objHeader.className.slice(objHeader.className.lastIndexOf("_")) === "_expanded");
    }
}

function SetSectionState(objHeader, strState) {
    var i = 0;
    var j;
    var all = objHeader.parentElement.ownerDocument.all;

    if (all === null) {
        return;
    }

    for (j = 0; j < all.length; j++) {
        if (all[j] === objHeader) {
            break;
        }
        i = i + 1;
    }

    for (j = i; j < all.length; j++) {
        if (all[i].className === "container") {
            break;
        }
        i = i + 1;
    }

    var objContainer = all[i];

    if (strState === "toggle") {
        if (objContainer.style.display === "none") {
            SetSectionState(objHeader, "show");
        }
        else {
            SetSectionState(objHeader, "hide");
        }
    }
    else {
        var objExpando = objHeader.children[1];

        if (strState === "show") {
            objContainer.style.display = "block";
            objExpando.innerText = strHide;
        }
        else if (strState === "hide") {
            objContainer.style.display = "none";
            objExpando.innerText = strShow;
        }
    }
}

function ShowSection(objHeader) {
    SetSectionState(objHeader, "show");
}

function HideSection(objHeader) {
    SetSectionState(objHeader, "hide");
}

function ToggleSection(objHeader) {
    SetSectionState(objHeader, "toggle");
}

/*================================================================================
' link at the top of the page to collapse/expand all collapsable elements
'================================================================================
*/
function objshowhide_onClick() {
    var obji;
    var objBody = document.body.getElementsByTagName("*");

    if (objBody === null) {
        return;
    }
    
    switch (strShowHide) {
        case 0:
            strShowHide = 1;
            window.objshowhide.innerText = strShowAll;
            for (obji = 0; obji < objBody.length; obji++) {
                if (objBody[obji].className !== 'undefined' && IsSectionHeader(objBody[obji])) {
                    HideSection(objBody[obji]);
                }
            }
            break;
        case 1:
            strShowHide = 0;
            window.objshowhide.innerText = strHideAll;
            for (obji = 0; obji < objBody.length; obji++) {
                if (objBody[obji].className !== 'undefined' && IsSectionHeader(objBody[obji])) {
                    ShowSection(objBody[obji]);
                }
            }
            break;
    }
}

/*================================================================================
' onload collapse all except the first two levels of headers (he0, he1)
'================================================================================*/
function window_onload() {
    // Only initialize once.  The UI may reinsert a report into the webbrowser control,
    // firing onLoad multiple times.
    if (document.documentElement.getAttribute("gpmc_reportInitialized").toUpperCase() !== "TRUE") {
        // Set text direction
        fDetDir(document.dir.toUpperCase());

        // Initialize sections to default expanded/collapsed state.
        var objBody = document.body.getElementsByTagName("*");

        if (objBody === null) {
            return;
        }

        for (var obji = 0; obji < objBody.length; obji++) {
            if (IsSectionHeader(objBody[obji])) {
                if (IsSectionExpandedByDefault(objBody[obji])) {
                    ShowSection(objBody[obji]);
                }
                else {
                    HideSection(objBody[obji]);
                }
            }
        }

        objshowhide.innerText = strShowAll;

        document.documentElement.setAttribute("gpmc_reportInitialized", "true");
    }
}

/*'================================================================================
' When direction (LTR/RTL) changes, change adjust for readability
'================================================================================
*/
function document_onPropertyChange() {
    if (window.event.propertyName === "dir") {
        fDetDir(document.dir.toUpperCase());
    }
}

function fDetDir(strDir) {
    var colRules;
    var nug;
    var i;
    var strClass;

    switch (strDir.toUpperCase()) {
        case "LTR":
            colRules = document.styleSheets[0].cssRules;
            if (colRules !== null && colRules !== undefined ) {            
                for (i = 0; i < colRules.length - 1; i++) {
                    nug = colRules[i];
                    strClass = nug.selectorText;
                    if (nug.style.textAlign === "right") {
                        nug.style.textAlign = "left";
                    }
                    switch (strClass) {
                        case "div .expando":
                            nug.style.Left = "";
                            nug.style.Right = strExpandoNumPixelsFromEdge;
                            break;
                        case "#objshowhide":
                            nug.style.textAlign = "right";
                            break;
                    }
                }
            }
            break;
        case "RTL":
            colRules = document.styleSheets[0].cssRules;
            if (colRules !== null && colRules !== undefined ) {            
                for (i = 0; i < colRules.length - 1; i++) {
                    nug = colRules[i];
                    strClass = nug.selectorText;
                    if (nug.style.textAlign === "left") {
                        nug.style.textAlign = "right";
                    }
                    switch (strClass) {
                        case "div .expando":
                            nug.style.Left = strExpandoNumPixelsFromEdge;
                            nug.style.Right = "";
                            break;
                        case "#objshowhide":
                            nug.style.textAlign = "left";
                            break;
                    }
                }
            }
            break;
    }
}

/*'================================================================================
'When printing reports, if a given section is expanded, let's says "shown" (instead of "hide" in the UI).
'================================================================================
*/
function window_onbeforeprint() {
    var obji;
    for (obji in document.all) {
        if (document.all.hasOwnProperty(obji)) {
            if (obji.className === "expando") {
                if (obji.innerText === strHide) {
                    obji.innerText = strShown;
                }
                if (obji.innerText === strShow) {
                    obji.innerText = strHidden;
                }
            }
        }
    }
}

/*================================================================================
'If a section is collapsed, change to "hidden" in the printout (instead of "show").
'================================================================================
*/
function window_onafterprint() {
    var obji;
    for (obji in document.all) {
        if (document.all.hasOwnProperty(obji)) {
            if (obji.className === "expando") {
                if (obji.innerText === strShown) {
                    obji.innerText = strHide;
                }
                if (obji.innerText === strHidden) {
                    obji.innerText = strShow;
                }
            }
        }
    }
}

/*================================================================================
' Adding keypress support for accessibility
'================================================================================
*/
function document_onkeypress(event) {
    var chCode = ('charCode' in event) ? event.charCode : event.keyCode;

    //space bar (32) or carriage return (13) or line feed (10)
    if (chCode == "32" || chCode == "13" || chCode == "10") {
        if (event.srcElement.className === "expando") {
            document_onclick();
            event.returnValue = false;
        }
        if (event.srcElement.className === "sectionTitle") {
            document_onclick();
            event.returnValue = false;
        }
        if (event.srcElement.id === "objshowhide") {
            objshowhide_onClick();
            event.returnValue = false;
        }
    }
}

/*================================================================================
' When user clicks anywhere in the document body, determine if user is clicking
' on a header element.
'================================================================================
*/
function document_onclick() {
    var strsrc = window.event.srcElement;

    while (strsrc.className === "sectionTitle" || strsrc.className === "expando") {
        strsrc = strsrc.parentElement;
    }

    // Only handle clicks on headers.
    if (!IsSectionHeader(strsrc)) {
        return;
    }

    ToggleSection(strsrc);

    window.event.returnValue = false;
}

function ToggleState(e) {
    var objParentDisplayItem;
    var objDisplayItem;
    var i;

    if (e.innerText === strShow) {
        e.innerText = strHide;
        objParentDisplayItem = e.parentNode;
        objDisplayItem = objParentDisplayItem.childNodes;
        for (i = 0; i < objDisplayItem.length; i++) {
            if (objDisplayItem[i].id === "showItem") {
                objDisplayItem[i].style.display = "Block";
            }
        }
    }
    else {
        e.innerText = strShow;
        objParentDisplayItem = e.parentNode;
        objDisplayItem = objParentDisplayItem.childNodes;
        for (i = 0; i < objDisplayItem.length; i++) {
            if (objDisplayItem[i].id === "showItem") {
                objDisplayItem[i].style.display = "None";
            }
        }
    }
}

function traverseToURL(url) {
    if (url != null) {
        var urlInitialSubstr = url.substring(0, 4).toLowerCase();
        if (urlInitialSubstr === "http") {
            window.open(url, "_blank");
        }
    }
}

function getExplainWindowTitle() {
    return document.getElementById("explainText_windowTitle").innerHTML;
}

function getExplainWindowStyles() {
    return document.getElementById("explainText_windowStyles").innerHTML;
}

function getExplainWindowSettingPathLabel() {
    return document.getElementById("explainText_settingPathLabel").innerHTML;
}

function getExplainWindowExplainTextLabel() {
    return document.getElementById("explainText_explainTextLabel").innerHTML;
}

function getExplainWindowPrintButton() {
    return document.getElementById("explainText_printButton").innerHTML;
}

function getExplainWindowCloseButton() {
    return document.getElementById("explainText_closeButton").innerHTML;
}

function getNoExplainTextAvailable() {
    return document.getElementById("explainText_noExplainTextAvailable").innerHTML;
}

function getExplainWindowSupportedLabel() {
    return document.getElementById("explainText_supportedLabel").innerHTML;
}

function getNoSupportedTextAvailable() {
    return document.getElementById("explainText_noSupportedTextAvailable").innerHTML;
}

function showExplainText(srcElement)
{
    var strDiagArgs;

    var strSettingName = srcElement.getAttribute("gpmc_settingName");
    var strSettingPath = srcElement.getAttribute("gpmc_settingPath");
    var strSettingDescription = srcElement.getAttribute("gpmc_settingDescription");

    if (strSettingDescription === "")
    {
        strSettingDescription = getNoExplainTextAvailable();
    }

    var strSupported = srcElement.getAttribute("gpmc_supported");

    if (strSupported === "")
    {
        strSupported = getNoSupportedTextAvailable();
    }

    var strHtml = "<html dir=" + document.dir +  ">\n";
    strHtml += "<head>\n";
    strHtml += "<title>" + getExplainWindowTitle() + "</title>\n";
    strHtml += "<style type='text/css'>\n" + getExplainWindowStyles() + "</style>\n";
    strHtml += "</head>\n";
    strHtml += "<body>\n";
    strHtml += "<div class='head'>" + strSettingName +"</div>\n";
    strHtml += "<div class='path'><b>" + getExplainWindowSettingPathLabel() + "</b><br/>" + strSettingPath +"</div>\n";
    strHtml += "<div class='path'><b>" + getExplainWindowSupportedLabel() + "</b><br/>" + strSupported +"</div>\n";
    strHtml += "<div class='info'>\n";
    strHtml += "<div class='hdr'>" + getExplainWindowExplainTextLabel() + "</div>\n";
    strHtml += "<div class='bdy'>" + strSettingDescription + "</div>\n";
    strHtml += "<div class='btn'>";
    strHtml += getExplainWindowPrintButton();
    strHtml += getExplainWindowCloseButton();
    strHtml += "</div></body></html>";

    // IE specific method for showing the popup.
    if(navigator.userAgent.indexOf("MSIE") > 0 && window.location.toString().indexOf("file:") === -1)
    {
        strDiagArgs = "dialogHeight=360px;dialogWidth=630px;status=no;scroll=yes;resizable=yes;minimize=yes;maximize=yes;";

        var vModeless = window.showModelessDialog("about:blank", window, strDiagArgs);
        vModeless.document.write(strHtml);
        vModeless.document.close();
        vModeless.location.reload(false);
                        
        window.event.returnValue = false;
    }
    else
    {
        strDiagArgs = "height=360px, width=630px, status=no, toolbar=no, scrollbars=yes, resizable=yes ";
        
        var expWin = window.open("", "expWin", strDiagArgs);
        expWin.document.write("");
        expWin.document.close();
        expWin.document.write(strHtml);
        expWin.document.close();
        expWin.focus();
    }
    
    return false;
}

function showEvents(srcElement,bVerbose,bInformational,bWarning,bError)
{
    var strWindowId = "EventDetails_" + srcElement.getAttribute("eventLogActivityId");
    if((windowsArray[strWindowId]) && (windowsArray[strWindowId].closed === false)) {
        windowsArray[strWindowId].focus();
    } else {
        var eventIdLabelNode, eventTimeLabelNode, eventDescriptionLabelNode, eventDetailsLabelNode, eventXmlLabelNode, gpEventsTitleNode;
        var eventIdLabelNodeText, eventTimeLabelNodeText, eventDescriptionLabelNodeText, eventXmlLabelNodeText, gpEventsTitleNodeText, eventDetailsLabelNodeText;
        var singlePassEventsDetailsNode, eventRecordArray;
        var dataNotFoundWarningLabelNode, dataNotFoundWarningLabelNodeText;
        var mainSection;
        var attributeValue;
        var singlePassEventsDetails;
        var singlePassEventsDetailsChildren;
        var node;
        var children;
        var xmlDocumentRoot;
        var xmlDocument;
        var serializer;
        var itemSub;
        var doc;

        if (window.XMLSerializer) 
        {
           serializer = new XMLSerializer();
        }

        if (window.DOMParser) 
        {
           // This browser appears to support DOMParser
           parser = new DOMParser();

           doc = document.getElementById("data-island").textContent;
           xmlDocumentRoot = parser.parseFromString(doc, "application/xml");
           xmlDocument = xmlDocumentRoot.documentElement;
           itemSub = 1;
        } 
        else 
        { 
           // Internet Explorer, create a new XML document using ActiveX 
           // and use loadXML as a DOM parser. 
           try 
           {
              doc = document.getElementById("data-island");

              xmlDocumentRoot = new ActiveXObject("Msxml2.DOMDocument.6.0"); 
              xmlDocumentRoot.async = false; 
              xmlDocumentRoot.loadXML(doc.innerHTML);
              xmlDocument = xmlDocumentRoot.documentElement;
              itemSub = 0;
           } 
           catch(e) 
           {
              // Not supported.
           }
        }

        if (xmlDocument != null) {
            mainSection = xmlDocument.getElementsByTagName("MainSection")[0].childNodes;

            if (mainSection != null) {
                for (children = 0; children < mainSection.length; children++) {
                    node = mainSection[children];
                    if (node.nodeType === 1 && node.nodeName === 'Label') {
                        attributeValue = node.getAttribute("Name");
                        if (attributeValue != null) {
                            if (attributeValue === 'ComponentStatus_EventId') {
                                eventIdLabelNode = node.childNodes[1];
                            }
                            if (attributeValue === 'ComponentStatus_EventTime') {
                                eventTimeLabelNode = node.childNodes[1];
                            }
                            if (attributeValue === 'ComponentStatus_EventDescription') {
                                eventDescriptionLabelNode = node.childNodes[1];
                            }
                            if (attributeValue === 'ComponentStatus_EventXml') {
                                eventXmlLabelNode = node.childNodes[1];
                            }
                            if (attributeValue === 'ComponentStatus_EventDetails') {
                                eventDetailsLabelNode = node.childNodes[1];
                            }
                            if (attributeValue === 'ComponentStatus_GPEvents') {
                                gpEventsTitleNode = node.childNodes[1];
                            }
                            if (attributeValue === 'Warning_DataNotFound') {
                                dataNotFoundWarningLabelNode = node.childNodes[1];
                            }
                        }
                    }
                }
            }

            singlePassEventsDetails = xmlDocument.getElementsByTagName("SinglePassEventsDetails");
            if (singlePassEventsDetails != null) {
                for (singlePassEventsDetailsChildren = 0; singlePassEventsDetailsChildren < singlePassEventsDetails.length; singlePassEventsDetailsChildren++) {
                    node = singlePassEventsDetails[singlePassEventsDetailsChildren];
                    attributeValue = node.getAttribute("ActivityId");
                    if (attributeValue === srcElement.getAttribute("eventLogActivityId")) {
                        singlePassEventsDetailsNode = node;
                    }
                }
            }
        }
        
        eventIdLabelNodeText = null;
        if (eventIdLabelNode != null) {
            if (eventIdLabelNode.childNodes.length > 0) {
                eventIdLabelNodeText = eventIdLabelNode.childNodes[0].nodeValue;
            }
        }
        if (eventIdLabelNodeText == null) {
            eventIdLabelNodeText = "Event ID";
        }

        eventTimeLabelNodeText = null;
        if (eventTimeLabelNode != null) {
            if (eventTimeLabelNode.firstChild.childNodes.length > 0) {
                eventTimeLabelNodeText = eventTimeLabelNode.childNodes[0].nodeValue;
            }
        }
        if (eventTimeLabelNodeText == null) {
            eventTimeLabelNodeText = "Event Time";
        }

        eventDescriptionLabelNodeText = null;
        if (eventDescriptionLabelNode != null) {
            if (eventDescriptionLabelNode.childNodes.length > 0) {
                eventDescriptionLabelNodeText = eventDescriptionLabelNode.childNodes[0].nodeValue;
            }
        }
        if (eventDescriptionLabelNodeText == null) {
            eventDescriptionLabelNodeText = "Event Description";
        }

        eventXmlLabelNodeText = null;
        if (eventXmlLabelNode != null) {
            if (eventXmlLabelNode.childNodes.length > 0) {
                eventXmlLabelNodeText = eventXmlLabelNode.childNodes[0].nodeValue;
            }
        }
        if (eventXmlLabelNodeText == null) {
            eventXmlLabelNodeText = "Event XML";
        }

        gpEventsTitleNodeText = null;
        if (gpEventsTitleNode != null) {
            if (gpEventsTitleNode.childNodes.length > 0) {
                gpEventsTitleNodeText = gpEventsTitleNode.childNodes[0].nodeValue;
            }
        }
        if (gpEventsTitleNodeText == null) {
            gpEventsTitleNodeText = "Group Policy Events";
        }

        eventDetailsLabelNodeText = null;
        if (eventDetailsLabelNode != null) {
            if (eventDetailsLabelNode.childNodes.length > 0) {
                eventDetailsLabelNodeText = eventDetailsLabelNode.childNodes[0].nodeValue;
            }
        }
        if (eventDetailsLabelNodeText == null) {
            eventDetailsLabelNodeText = "Event Details";
        }

        dataNotFoundWarningLabelNodeText = null;
        if (dataNotFoundWarningLabelNode != null) {
            if (dataNotFoundWarningLabelNode.childNodes.length > 0) {
                dataNotFoundWarningLabelNodeText = dataNotFoundWarningLabelNode.childNodes[0].nodeValue;
            }
        }
        if (dataNotFoundWarningLabelNodeText == null) {
            dataNotFoundWarningLabelNodeText = "Data Not Found";
        }
                
        if(singlePassEventsDetailsNode != null)
        {
            eventRecordArray = singlePassEventsDetailsNode.getElementsByTagName("EventRecord");
        }
        
        var htmlText = "<html dir=" + document.dir +  ">";
        htmlText = htmlText + "<head>";
        htmlText = htmlText + "<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\" />";
        htmlText = htmlText + "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-16\" />";
        htmlText = htmlText + "<title>" + gpEventsTitleNodeText + "</title>";
        htmlText = htmlText + "</head><style type=\"text/css\">";
        htmlText = htmlText + "body    { background-color:#FFFFFF; color:#000000; font-size:68%; font-family:MS Shell Dlg; margin:0,0,10px,0; word-break:normal; word-wrap:break-word; }";
        htmlText = htmlText + "table   { font-size:100%; table-layout:fixed; width:100%; }";
        htmlText = htmlText + "td,th   { overflow:visible; text-align:left; vertical-align:top; white-space:normal; }";
        htmlText = htmlText + ".he1    { text-align: center; vertical-align: middle; background-color:#C0D2DE; border:1px solid #BBBBBB; color:#000000; cursor:hand; display:block; font-family:MS Shell Dlg; font-size:100%; font-weight:bold; height:4em; position:relative; }";
        htmlText = htmlText + ".centerTxt { text-align: center; }";
        htmlText = htmlText + ".txtFormat1 { text-align: left; vertical-align:top; white-space:pre-line; }";
        htmlText = htmlText + "</style>";
      
        htmlText = htmlText + "<script> function toggle(e) {";
        htmlText = htmlText + "if (e.style.display === \"none\"){ e.style.display = \"\"; }";
        htmlText = htmlText + "else { e.style.display = \"none\"; }";
        htmlText = htmlText + "}</";
        htmlText = htmlText + "script";
        htmlText = htmlText + ">";
      
        htmlText = htmlText + "<body><table border=1><tr>";
        htmlText = htmlText + "<th class=\"he1\"><strong>" + eventIdLabelNodeText + "</strong></th>";
        htmlText = htmlText + "<th class=\"he1\"><strong>" + eventTimeLabelNodeText + "</strong></th>";
        htmlText = htmlText + "<th class=\"he1\"><strong>" + eventDescriptionLabelNodeText + "</strong></th>";
        htmlText = htmlText + "<th class=\"he1\"><strong>" + eventDetailsLabelNodeText + "</strong></th>";

        htmlText = htmlText + "</tr>";
        var i;
        var eventId;
        var eventTime;
        var eventDescription;
        var eventXml;
        var eventType;
        var displayEvent;
        var eventXmlId;
        var displayBgColor;

        if(eventRecordArray != null && eventRecordArray.length > 0)
        {
            for (i=0; i < eventRecordArray.length; i++)
            {
                displayEvent = false;
                var eventIdElements = eventRecordArray[i].getElementsByTagName("EventId");        
                if((eventIdElements != null) && (eventIdElements.length > 0) && (eventIdElements[0].firstChild != null))
                {
                    eventId =  eventIdElements[0].firstChild.nodeValue;
                }
                else
                {
                    eventId =  dataNotFoundWarningLabelNodeText;
                }
                var eventTimeElements = eventRecordArray[i].getElementsByTagName("EventTime");
                if((eventTimeElements != null) && (eventTimeElements.length > 0) && (eventTimeElements[0].firstChild != null))
                {
                    eventTime = eventTimeElements[0].firstChild.nodeValue;
                }
                else
                {
                    eventTime = dataNotFoundWarningLabelNodeText;
                }
                var eventDescriptionElements = eventRecordArray[i].getElementsByTagName("EventDescription");
                if((eventDescriptionElements != null) && (eventDescriptionElements.length > 0) && (eventDescriptionElements[0].firstChild != null))
                {
                        eventDescription = eventDescriptionElements[0].firstChild.nodeValue;
                }
                else
                {
                    eventDescription = dataNotFoundWarningLabelNodeText;
                }
                var eventXmlElements = eventRecordArray[i].getElementsByTagName("EventXml");
                if((eventXmlElements != null) && (eventXmlElements.length > 0) && (eventXmlElements[0].firstChild != null))
                {
                    if (window.XMLSerializer) 
                    {
                       var xml = serializer.serializeToString(eventXmlElements[0].firstChild);
                       eventXml = xml;
                    } 
                    else 
                    {
                       if (typeof eventXmlElements[0].firstChild.xml != "undefined") 
                       {
                          eventXml = eventXmlElements[0].firstChild.xml;
                       }
                    }
                }
                else
                {
                    eventXml = dataNotFoundWarningLabelNodeText;
                }
                var eventLevelElements = eventRecordArray[i].getElementsByTagName("EventLevel");
                if((eventLevelElements != null) && (eventLevelElements.length > 0) && (eventLevelElements[0].firstChild != null))
                {
                    eventType = eventLevelElements[0].firstChild.nodeValue;
                }
                else
                {
                    eventType = 5;
                }
                
                if((bVerbose === true)&&(eventType == 5))
                {
                    displayEvent = true;
                }
                else if((bInformational === true)&&(eventType == 4))
                {
                    displayEvent = true;
                }
                else if((bWarning === true)&&(eventType == 3))
                {
                    displayEvent = true;
                }
                else if((bError === true)&&((eventType == 1)||(eventType == 2)))
                {
                    displayEvent = true;
                }
                
                if (displayEvent === true)
                {
                    eventXmlId = "EventXml" + (i+"");
                    htmlText = htmlText + "<tr>";
                    htmlText = htmlText + "<td class=\"centerTxt\" style=\"background:" + displayBgColor +"\">" + eventId + "</td>";
                    htmlText = htmlText + "<td class=\"centerTxt\" style=\"background:" + displayBgColor +"\">" + eventTime + "</td>";
                    htmlText = htmlText + "<td class=\"txtFormat1\" style=\"background:" + displayBgColor +"\">" + eventDescription + "</td>";
                    htmlText = htmlText + "<td style=\"background:" + displayBgColor +"\"><span style=\"color:blue; cursor:hand\" onclick=\"toggle(" + eventXmlId +");\" onKeyPress=\"toggle(" + eventXmlId + ");\" tabIndex=1 >";
                    htmlText = htmlText + eventXmlLabelNodeText + "</span><br/>";
                    htmlText = htmlText + "<span style=\"display:none\" id=" + eventXmlId +">";
                    htmlText = htmlText + eventXml + "</span>";
                    htmlText = htmlText + "</td>";
                    htmlText = htmlText + "</tr>";
                }
            }
        }
        htmlText = htmlText + "</table></body></html>";

        if(windowsArray[strWindowId])
        {
            delete windowsArray[strWindowId];
        }
        
        // IE specific method for showing the popup.
        if(navigator.userAgent.indexOf("MSIE") > 0 && window.location.toString().indexOf("file:") === -1)
        {
            var strDiagArgs = "dialogHeight=360px;dialogWidth=630px;status=no;scroll=yes;resizable=yes;minimize=yes;maximize=yes;";

            var vModeless = window.showModelessDialog("about:blank", window, strDiagArgs);
            vModeless.document.write(htmlText);
            vModeless.document.close();
            vModeless.location.reload(false);
            windowsArray[strWindowId] = vModeless;            
        }
        else
        {
            var strDiagArgs = "height=360px, width=630px, status=no, toolbar=no, scrollbars=yes, resizable=yes";
        
            windowsArray[strWindowId] = window.open("", "", strDiagArgs);
            windowsArray[strWindowId].document.write(htmlText);
            windowsArray[strWindowId].focus();
        } 
    }

    xmlDocumentRoot = null;
}

function cleanUp() {
    var windowsArray = this.windowsArray;
    for (var currentWindow in windowsArray) {
        if (windowsArray.hasOwnProperty(currentWindow)) {
            windowsArray[currentWindow].close();
        }
    }
}

function getMessageText(messageNode) {
    if (messageNode != null) {
        if (messageNode.firstChild != null) {
            if (messageNode.firstChild.nodeType === 3) {
                for (var i = 0; i < messageNode.childNodes.length; i++) 
                {
                    var curNode = messageNode.childNodes[i];
                    if(curNode.nodeType === 1){
                        return curNode.childNodes[0].nodeValue;
                    }
                }
            } else {
                return messageNode.firstChild.childNodes[0].nodeValue;
            }
        }
    }
    return null;
}

function showComponentProcessingDetails(srcElement) {
    var strWindowId = "ProcessingDetails_" + srcElement.getAttribute("eventLogActivityId");
    if ((windowsArray[strWindowId]) && (windowsArray[strWindowId].closed === false)) {
        windowsArray[strWindowId].focus();
    } else {
        var doc;
        var parser;
        var xmlDocumentRoot;
        var xmlDocument;

        var extensionsProcessedLabelNode, slowLinkThresholdLabelNode, linkSpeedLabelNode, extensionsProcessedTimeTakenNode;
        var domainControllerIpLabelNode, domainControllerNameLabelNode, processingTypeLabelNode, loopbackModeLabelNode;
        var processingTriggerLabelNode, extensionNameLabelNode, timeTakenLabelNode;
        var dataNotFoundWarningLabelNode;
        var singlePassEventsDetailsNode, totalProcessingTimeLabelNode, refreshMessageLabelNode;
        var processingDetailsUserTitleNode, processingDetailsComputerTitleNode;
        var policySectionNode;
        var policyEventsDetailsNode, detailsLabelNode;

        var extensionsProcessedLabelNodeText, slowLinkThresholdLabelNodeText, linkSpeedLabelNodeText, extensionsProcessedTimeTakenNodeText;
        var domainControllerIpLabelNodeText, domainControllerNameLabelNodeText, processingTypeLabelNodeText, loopbackModeLabelNodeText;
        var processingTriggerLabelNodeText, extensionNameLabelNodeText, timeTakenLabelNodeText;
        var dataNotFoundWarningLabelNodeText, totalProcessingTimeLabelNodeText, refreshMessageLabelNodeText;
        var processingDetailsUserTitleNodeText, processingDetailsComputerTitleNodeText;
        var detailsLabelNodeText;

        var slowLinkThresholdValue, linkSpeedValue, domainControllerIpValue, domainControllerNameValue;
        var processingTypeValue, loopbackModeValue, processingTriggerValue, totalPolicyProcessingTime, extensionProcessingTimeArray;
        var cseNameArray = new Array();
        var cseElapsedTimeArray = new Array();
        var policyApplicationFinishedTime;

        var isComputerProcessing;
        var strDiagArgs;
        var mainSection;
        var attributeValue;
        var singlePassEventsDetails;
        var singlePassEventsDetailsChildren;
        var node;
        var children;
        var itemSub;

        if (window.DOMParser) 
        {
           // This browser appears to support DOMParser
           parser = new DOMParser();
           doc = document.getElementById("data-island").textContent;

           xmlDocumentRoot = parser.parseFromString(doc, "application/xml");

           xmlDocument = xmlDocumentRoot.documentElement;

           itemSub = 1;
        } 
        else 
        { 
           // Internet Explorer, create a new XML document using ActiveX 
           // and use loadXML as a DOM parser. 
           try 
           {
              doc = document.getElementById("data-island");

              xmlDocumentRoot = new ActiveXObject("Msxml2.DOMDocument.6.0"); 
              xmlDocumentRoot.async = false; 
              xmlDocumentRoot.loadXML(doc.innerHTML);
              xmlDocument = xmlDocumentRoot.documentElement;
              itemSub = 0;
           } 
           catch(e) 
           {
              // Not supported.
           }
        }

        if (xmlDocument != null) {
            mainSection = xmlDocument.getElementsByTagName("MainSection")[0].childNodes;

            if (mainSection != null) {
                for (children = 0; children < mainSection.length; children++) {
                    node = mainSection[children];
                    if (node.nodeType === 1 && node.nodeName === 'Label') {
                        attributeValue = node.getAttribute("Name")
                        if (attributeValue != null) {
                            if (attributeValue === 'ComponentStatus_ExtensionsProcessed') {
                                extensionsProcessedLabelNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_SlowLinkThreshold') {
                                slowLinkThresholdLabelNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_LinkSpeed') {
                                linkSpeedLabelNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_TimeTaken') {
                                extensionsProcessedTimeTakenNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_DomainControllerIP') {
                                domainControllerIpLabelNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_DomainControllerName') {
                                domainControllerNameLabelNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_ProcessingTrigger') {
                                processingTriggerLabelNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_ExtensionName') {
                                extensionNameLabelNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_TimeTaken') {
                                timeTakenLabelNode = node;
                            }
                            if (attributeValue === 'Warning_DataNotFound') {
                                dataNotFoundWarningLabelNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_TotalProcessingTime') {
                                totalProcessingTimeLabelNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_RefreshMessage') {
                                refreshMessageLabelNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_UserProcessingDetails') {
                                processingDetailsUserTitleNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_ComputerProcessingDetails') {
                                detailsLabelNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_ProcessingType') {
                                processingTypeLabelNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_LoopbackMode') {
                                loopbackModeLabelNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_UserProcessingDetails') {
                                processingDetailsUserTitleNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_ComputerProcessingDetails') {
                                processingDetailsComputerTitleNode = node;
                            }
                        }
                    }
                }
            }

            singlePassEventsDetails = xmlDocument.getElementsByTagName("SinglePassEventsDetails");
            if (singlePassEventsDetails != null) {
                for (singlePassEventsDetailsChildren = 0; singlePassEventsDetailsChildren < singlePassEventsDetails.length; singlePassEventsDetailsChildren++) {
                    node = singlePassEventsDetails[singlePassEventsDetailsChildren];
                    if (node.getAttribute("ActivityId") === srcElement.getAttribute("eventLogActivityId")) {
                        singlePassEventsDetailsNode = node;
                    }
                }
            }

            if (singlePassEventsDetailsNode) {
                policyEventsDetailsNode = singlePassEventsDetailsNode.parentNode;
                if (policyEventsDetailsNode) {
                    policySectionNode = policyEventsDetailsNode.parentNode;
                    if (policySectionNode) {
                        if (policySectionNode.nodeName === 'UserPolicySection') {
                            isComputerProcessing = false;
                        }
                        if (policySectionNode.nodeName === 'ComputerPolicySection') {
                            isComputerProcessing = true;
                        }
                    }
                }
            }
        }

        
        extensionsProcessedLabelNodeText = getMessageText(extensionsProcessedLabelNode);
        slowLinkThresholdLabelNodeText = getMessageText(slowLinkThresholdLabelNode);
        linkSpeedLabelNodeText = getMessageText(linkSpeedLabelNode);
        domainControllerIpLabelNodeText = getMessageText(domainControllerIpLabelNode);
        domainControllerNameLabelNodeText = getMessageText(domainControllerNameLabelNode);
        processingTypeLabelNodeText = getMessageText(processingTypeLabelNode);
        loopbackModeLabelNodeText = getMessageText(loopbackModeLabelNode);
        processingTriggerLabelNodeText = getMessageText(processingTriggerLabelNode);
        extensionNameLabelNodeText = getMessageText(extensionNameLabelNode);
        timeTakenLabelNodeText = getMessageText(timeTakenLabelNode);
        processingDetailsUserTitleNodeText = getMessageText(processingDetailsUserTitleNode);
        processingDetailsComputerTitleNodeText = getMessageText(processingDetailsComputerTitleNode);
        dataNotFoundWarningLabelNodeText = getMessageText(dataNotFoundWarningLabelNode);
        totalProcessingTimeLabelNodeText = getMessageText(totalProcessingTimeLabelNode);
        refreshMessageLabelNodeText = getMessageText(refreshMessageLabelNode);
        detailsLabelNodeText = getMessageText(detailsLabelNode);
     

        slowLinkThresholdValue = null;
        linkSpeedValue = null;
        domainControllerIpValue = null;
        domainControllerNameValue = null;
        processingTypeValue = null;
        loopbackModeValue = null;
        processingTriggerValue = null;

        if (singlePassEventsDetailsNode != null) {
            slowLinkThresholdValue = singlePassEventsDetailsNode.getAttribute("SlowLinkThresholdInKbps");
            linkSpeedValue = singlePassEventsDetailsNode.getAttribute("LinkSpeedInKbps");
            domainControllerIpValue = singlePassEventsDetailsNode.getAttribute("DomainControllerIPAddress");
            domainControllerNameValue = singlePassEventsDetailsNode.getAttribute("DomainControllerName");
            processingTypeValue = singlePassEventsDetailsNode.getAttribute("ProcessingAppMode");
            loopbackModeValue = singlePassEventsDetailsNode.getAttribute("PolicyProcessingMode");
            processingTriggerValue = singlePassEventsDetailsNode.getAttribute("ProcessingTrigger");
            totalPolicyProcessingTime = singlePassEventsDetailsNode.getAttribute("PolicyElapsedTime");
            extensionProcessingTimeArray = singlePassEventsDetailsNode.getElementsByTagName("ExtensionProcessingTime");
        }
        if (slowLinkThresholdValue == null) {
            slowLinkThresholdValue = dataNotFoundWarningLabelNodeText;
        }
        if (linkSpeedValue == null) {
            linkSpeedValue = dataNotFoundWarningLabelNodeText;
        }
        if (domainControllerIpValue == null) {
            domainControllerIpValue = dataNotFoundWarningLabelNodeText;
        }
        else {
            domainControllerIpValue = domainControllerIpValue.replace(/^\\\\/, "");
        }
        if (domainControllerNameValue == null) {
            domainControllerNameValue = dataNotFoundWarningLabelNodeText;
        }
        else {
            domainControllerNameValue = domainControllerNameValue.replace(/^\\\\/, "");
        }
        if (processingTypeValue == null) {
            processingTypeValue = dataNotFoundWarningLabelNodeText;
        }
        if (loopbackModeValue == null) {
            loopbackModeValue = dataNotFoundWarningLabelNodeText;
        }
        if (processingTriggerValue == null) {
            processingTriggerValue = dataNotFoundWarningLabelNodeText;
        }

        if (extensionProcessingTimeArray != null && extensionProcessingTimeArray.length > 0) {
            var cseName;
            var cseElapsedTime;
            var cseProcessedTime;
            var cseId;
            var i;
            var index = 0;
            for (i = 0; i < extensionProcessingTimeArray.length; i++) {
                var cseNameElements = extensionProcessingTimeArray[i].getElementsByTagName("ExtensionName");
                var cseElapsedTimeElements = extensionProcessingTimeArray[i].getElementsByTagName("ElapsedTime");
                var cseProcessedTimeElements = extensionProcessingTimeArray[i].getElementsByTagName("ProcessedTime");
                var cseIdElements = extensionProcessingTimeArray[i].getElementsByTagName("ExtensionGuid");
                if ((cseNameElements.length > 0) && (cseElapsedTimeElements.length > 0) && (cseProcessedTimeElements.length > 0) && (cseIdElements.length > 0)) {
                    if ((cseNameElements[0].firstChild != null) && (cseElapsedTimeElements[0].firstChild != null) && (cseProcessedTimeElements[0].firstChild != null) && (cseIdElements[0].firstChild != null)) {
                        cseName = cseNameElements[0].firstChild.nodeValue;
                        cseElapsedTime = cseElapsedTimeElements[0].firstChild.nodeValue;
                        cseProcessedTime = cseProcessedTimeElements[0].firstChild.nodeValue;
                        cseId = cseIdElements[0].firstChild.nodeValue;
                        if ((cseName != null) && (cseElapsedTime != null) && (cseProcessedTime != null) && (cseId != null)) {
                            cseNameArray[index] = cseName;
                            cseElapsedTimeArray[index] = cseElapsedTime;
                            index = index + 1;
                            if (cseId === '{00000000-0000-0000-0000-000000000000}') {
                                policyApplicationFinishedTime = cseProcessedTime;
                            }
                        }
                    }
                }
            }
        }
          
        var htmlText = "<html dir=" + document.dir +  ">";
        htmlText = htmlText + "<head>";
        htmlText = htmlText + "<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\" />";
        htmlText = htmlText + "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-16\" />";
        if(isComputerProcessing != null)
        {
            if(isComputerProcessing === true)
            {
                htmlText = htmlText + "<title>" + processingDetailsComputerTitleNodeText + "</title>";
            }
            else
            {
                htmlText = htmlText + "<title>" + processingDetailsUserTitleNodeText + "</title>";
            }
        }
        

        htmlText = htmlText + "</head><style type=\"text/css\">";
        htmlText = htmlText + "body    { background-color:#FFFFFF; color:#000000; font-size:68%; font-family:MS Shell Dlg; margin:0,0,10px,0; word-break:normal; word-wrap:break-word; }";
        htmlText = htmlText + "table   { font-size:100%; table-layout:fixed; width:100%; }";
        htmlText = htmlText + "td,th   { overflow:visible; text-align:left; vertical-align:top; white-space:normal; }";
        htmlText = htmlText + ".he0    { background-color:#FEF7D6; border:1px solid #BBBBBB; display:block; font-family:MS Shell Dlg; font-size:100%; font-weight:bold; height:2.25em; margin-bottom:-1px; margin-left:0px; margin-right:0px; padding-left:8px; padding-right:5em; padding-top:4px; position:relative; width:100%; }";
        htmlText = htmlText + ".he1    { color:#000000; display:block; font-family:MS Shell Dlg; font-size:100%; font-weight:bold; height:2em;margin-left: 5 px; margin-top: 5 px; position:relative; width:100%; }";
        htmlText = htmlText + ".tblspecialfmt { border:1px solid black;border-collapse:collapse; }";
        htmlText = htmlText + ".tblfirstcolfmt { border-left-width: 1px;border-top-width: 1px;border-bottom-width: 1px;border-right-width: 0px;border-style: solid; border-color: black; }";
        htmlText = htmlText + ".tblsecondcolfmt { border-left-width: 0px;border-top-width: 1px;border-bottom-width: 1px;border-right-width: 1px;border-style: solid; border-color: black; }";
        htmlText = htmlText + "</style>";
        htmlText = htmlText + "<body>";
        htmlText = htmlText + "<span class=\"he1\">" + refreshMessageLabelNodeText + " " + policyApplicationFinishedTime + "</span>" ;
        htmlText = htmlText + "<div class=\"he0\">" + detailsLabelNodeText + "</div>"
        htmltext = htmlText + "<table><tr>";

        htmlText = htmlText + "<td>";
        htmlText = htmlText + "<table>";
        htmlText = htmlText + "<tr><td colspan=\"2\">&nbsp;</td></tr>";


        htmlText = htmlText + "<tr><td style=\"width: 50%\"><strong>" + processingTypeLabelNodeText + "</strong></td>";
        htmlText = htmlText + "<td>" + processingTypeValue + "</td></tr>";

        htmlText = htmlText + "<tr><td style=\"width: 50%\"><strong>" + loopbackModeLabelNodeText + "</strong></td>";
        htmlText = htmlText + "<td>" + loopbackModeValue + "</td></tr>";

        htmlText = htmlText + "<tr><td style=\"width: 50%\"><strong>" + linkSpeedLabelNodeText + "</strong></td>";
        htmlText = htmlText + "<td>" + linkSpeedValue + "</td></tr>";

        htmlText = htmlText + "<tr><td style=\"width: 50%\"><strong>" + slowLinkThresholdLabelNodeText + "</strong></td>";
        htmlText = htmlText + "<td>" + slowLinkThresholdValue + "</td></tr>";

        htmlText = htmlText + "<tr><td style=\"width: 50%\"><strong>" + domainControllerNameLabelNodeText + "</strong></td>";
        htmlText = htmlText + "<td>" + domainControllerNameValue +"</td></tr>";

        htmlText = htmlText + "<tr><td style=\"width: 50%\"><strong>" + domainControllerIpLabelNodeText + "</strong></td>";
        htmlText = htmlText + "<td>" + domainControllerIpValue +"</td></tr>";

        htmlText = htmlText + "<tr><td style=\"width: 50%\"><strong>" + processingTriggerLabelNodeText + "</strong></td>";
        htmlText = htmlText + "<td>" + processingTriggerValue + "</td></tr>";

        htmlText = htmlText + "</table></td></tr>";
        htmlText = htmlText + "<tr ><td ><table>";


        htmlText = htmlText + "<tr><td><span class=\"he1\" >" + extensionsProcessedLabelNodeText +"</span></td></tr>";
        htmlText = htmlText + "<tr><td><table class=\"tblspecialfmt\" >";
        htmlText = htmlText + "<tr><td class=\"tblfirstcolfmt\" style=\"width: 50%;background-color:#FEF7D6;\"><strong>" + extensionNameLabelNodeText + "</strong></td>";
        htmlText = htmlText + "<td class=\"tblsecondcolfmt\" style=\"background-color:#FEF7D6;\" ><strong>" + timeTakenLabelNodeText + "</strong></td></tr>";

        for (var idx in cseNameArray)
        {
            htmlText = htmlText + "<tr><td style=\"width: 50%\">" + cseNameArray[idx] + "</td>";                   
            htmlText = htmlText + "<td>" + cseElapsedTimeArray[idx] + "</td></tr>";
        }

        if (totalPolicyProcessingTime != null)
        {
            htmlText = htmlText + "<tr><td class=\"tblfirstcolfmt\" style=\"width: 50%\" >" + totalProcessingTimeLabelNodeText +":</td>";
            htmlText = htmlText + "<td class=\"tblsecondcolfmt\">" + totalPolicyProcessingTime + "</td></tr>";
        }
        htmlText = htmlText + "</table></td></tr></table></td></tr></table></body></html>";

        if(windowsArray[strWindowId])
        {
            delete windowsArray[strWindowId];
        }
         
        // IE specific method for showing the popup.
        if(navigator.userAgent.indexOf("MSIE") > 0 && window.location.toString().indexOf("file:") === -1)
        {
            strDiagArgs = "dialogHeight=360px;dialogWidth=630px;status=no;scroll=yes;resizable=yes;minimize=yes;maximize=yes;";

            var vModeless = window.showModelessDialog("about:blank", window, strDiagArgs);
            vModeless.document.write(htmlText);
            vModeless.document.close();
            vModeless.location.reload(false);
            windowsArray[strWindowId] = vModeless;                      
        }
        else
        {
            strDiagArgs = "height=360px, width=630px, status=no, toolbar=no, scrollbars=yes, resizable=yes";
        
            windowsArray[strWindowId] = window.open("", "" , strDiagArgs);
            windowsArray[strWindowId].document.write(htmlText);
            windowsArray[strWindowId].focus();
        }
    }

    xmlDocumentRoot = null;
}
</script>
</head>

<body onload="window_onload();" onclick="document_onclick();" onkeypress="document_onkeypress(event);" onunload="cleanUp();">

<!-- HTML resources -->
<div style="display:none;">
        <div id="explainText_windowTitle">Group Policy Management</div>
        <div id="explainText_windowStyles">
        
                            body  { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; }

                            .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; }

                            .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; }

                            .info { padding-left:10px;width:100%; }

                            table { font-size:100%; width:100%; border:1px solid #999999; }

                            th    { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; }

                            td    { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; }

                            .btn  { width:100%; text-align:right; margin-top:16px; }

                            .hdr  { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; }

                            .bdy  { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; }

                            button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; }

                            @media print {

                                .bdy { display:block; overflow:visible; }

                                button { display:none; }

                                .head { color:#000000; background:#FFFFFF; border:1px solid #000000; }

                            }

                
        </div>
        <div id="explainText_settingPathLabel">Setting Path:</div>
        <div id="explainText_explainTextLabel">Explanation</div>
        <div id="explainText_printButton">
        <button name="Print" onClick="window.print()" accesskey="P"><u>P</u>rint</button>

        </div>
        <div id="explainText_closeButton">
        <button name="Close" onClick="window.close()" accesskey="C"><u>C</u>lose</button>
                
        </div>
        <div id="explainText_noExplainTextAvailable">No explanation is available for this setting.</div>
        <div id="explainText_supportedLabel">Supported On:</div>
        <div id="explainText_noSupportedTextAvailable">Not available</div>
</div><table class="title" >
<tr><td colspan="2" class="gponame">MSFT Internet Explorer 11 - Computer</td></tr>
<tr>
    <td id="dtstamp">Data collected on: 9/19/2019 11:30:25 PM</td>
    <td><div id="objshowhide" tabindex="0" onclick="objshowhide_onClick();return false;"></div></td>
</tr>
</table>

<div class="gposummary">
<div class="he0_expanded"><span class="sectionTitle" tabindex="0">General</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he1"><span class="sectionTitle" tabindex="0">Details</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info" >
<tr><td scope="row">Domain</td><td>contoso.lab</td></tr>
<tr><td scope="row">Owner</td><td>CONTOSO\Domain Admins</td></tr>
<tr><td scope="row">Created</td><td>9/19/2019 10:00:18 PM</td></tr>
<tr><td scope="row">Modified</td><td>9/19/2019 10:07:50 PM</td></tr>
<tr><td scope="row">User Revisions</td><td>4 (AD), 4 (SYSVOL)</td></tr>
<tr><td scope="row">Computer Revisions</td><td>4 (AD), 4 (SYSVOL)</td></tr>
<tr><td scope="row">Unique ID</td><td>{902974D5-B604-4CA2-BB08-B23361AAD276}</td></tr>
<tr><td scope="row">GPO Status</td><td>User settings disabled</td></tr>
</table></div></div>
<div class="filler"></div>
<div class="he1"><span class="sectionTitle" tabindex="0">Links</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" ><tr><th scope="col">Location</th><th scope="col">Enforced</th><th scope="col">Link Status</th><th scope="col">Path</th></tr>
    <tr><td colspan="4">None</td></tr>
    </table>
    <br/>This list only includes links in the domain of the GPO.</div></div>
<div class="filler"></div>
<div class="he1"><span class="sectionTitle" tabindex="0">Security Filtering</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><b>The settings in this GPO can only apply to the following groups, users, and computers:</b></div>
<div class="he4i">
<table class="info" ><tr><th scope="col">Name</th></tr><tr><td>NT AUTHORITY\Authenticated Users</td></tr></table>
</div>
</div>
<div class="filler"></div>

<div class="filler"></div>
<div class="he1"><span class="sectionTitle" tabindex="0">Delegation</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><b>These groups and users have the specified permission for this GPO</b></div>
<div class="he4i">
<table class="info3" >
<tr><th scope="col">Name</th><th scope="col">Allowed Permissions</th><th scope="col">Inherited</th></tr>
<tr><td>CONTOSO\Domain Admins</td><td>Edit settings, delete, modify security</td><td>No</td></tr>
<tr><td>CONTOSO\Enterprise Admins</td><td>Edit settings, delete, modify security</td><td>No</td></tr>
<tr><td>NT AUTHORITY\Authenticated Users</td><td>Read (from Security Filtering)</td><td>No</td></tr>
<tr><td>NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS</td><td>Read</td><td>No</td></tr>
<tr><td>NT AUTHORITY\SYSTEM</td><td>Edit settings, delete, modify security</td><td>No</td></tr>
</table>

</div></div></div>
<div class="filler"></div>
</div>
<div class="he0_expanded"><span class="sectionTitle" tabindex="0">Computer Configuration (Enabled)</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he1h_expanded"><span class="sectionTitle" tabindex="0">Policies</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he1"><span class="sectionTitle" tabindex="0">Administrative Templates</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i">Policy definitions (ADMX files) retrieved from the local computer.</div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Internet Explorer</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Prevent bypassing SmartScreen Filter warnings" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer" gpmc_settingDescription="This policy setting determines whether the user can bypass warnings from SmartScreen Filter. SmartScreen Filter prevents the user from browsing to or downloading from sites that are known to host malicious content. SmartScreen Filter also prevents the execution of files that are known to be malicious.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, SmartScreen Filter warnings block the user.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, the user can bypass SmartScreen Filter warnings." gpmc_supported="At least Internet Explorer 8.0">Prevent bypassing SmartScreen Filter warnings</span></td><td>Enabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Prevent bypassing SmartScreen Filter warnings about files that are not commonly downloaded from the Internet" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer" gpmc_settingDescription="This policy setting determines whether the user can bypass warnings from SmartScreen Filter. SmartScreen Filter warns the user about executable files that Internet Explorer users do not commonly download from the Internet.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, SmartScreen Filter warnings block the user.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, the user can bypass SmartScreen Filter warnings." gpmc_supported="At least Internet Explorer 9.0">Prevent bypassing SmartScreen Filter warnings about files that are not commonly downloaded from the Internet</span></td><td>Enabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Prevent managing SmartScreen Filter" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer" gpmc_settingDescription="This policy setting prevents the user from managing SmartScreen Filter, which warns the user if the website being visited is known for fraudulent attempts to gather personal information through &amp;quot;phishing,&amp;quot; or is known to host malware.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, the user is not prompted to turn on SmartScreen Filter. All website addresses that are not on the filter&amp;#39;s allow list are sent automatically to Microsoft without prompting the user.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, the user is prompted to decide whether to turn on SmartScreen Filter during the first-run experience." gpmc_supported="At least Internet Explorer 9.0">Prevent managing SmartScreen Filter</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Select SmartScreen Filter mode</td><td>On</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Prevent per-user installation of ActiveX controls" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer" gpmc_settingDescription="This policy setting allows you to prevent the installation of ActiveX controls on a per-user basis.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, ActiveX controls cannot be installed on a per-user basis.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, ActiveX controls can be installed on a per-user basis." gpmc_supported="At least Internet Explorer 8.0">Prevent per-user installation of ActiveX controls</span></td><td>Enabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Security Zones: Do not allow users to add/delete sites" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer" gpmc_settingDescription="Prevents users from adding or removing sites from security zones. A security zone is a group of Web sites with the same security level.&lt;br/&gt;&lt;br/&gt;If you enable this policy, the site management settings for security zones are disabled. (To see the site management settings for security zones, in the Internet Options dialog box, click the Security tab, and then click the Sites button.)&lt;br/&gt;&lt;br/&gt;If you disable this policy or do not configure it, users can add Web sites to or remove sites from the Trusted Sites and Restricted Sites zones, and alter settings for the Local Intranet zone.&lt;br/&gt;&lt;br/&gt;This policy prevents users from changing site management settings for security zones established by the administrator.&lt;br/&gt;&lt;br/&gt;Note:  The &amp;quot;Disable the Security page&amp;quot; policy (located in \User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel), which removes the Security tab from the interface, takes precedence over this policy. If it is enabled, this policy is ignored.&lt;br/&gt;&lt;br/&gt;Also, see the &amp;quot;Security zones: Use only machine settings&amp;quot; policy." gpmc_supported="At least Internet Explorer 5.0">Security Zones: Do not allow users to add/delete sites</span></td><td>Enabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Security Zones: Do not allow users to change policies" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer" gpmc_settingDescription="Prevents users from changing security zone settings. A security zone is a group of Web sites with the same security level.&lt;br/&gt;&lt;br/&gt;If you enable this policy, the Custom Level button and security-level slider on the Security tab in the Internet Options dialog box are disabled.&lt;br/&gt;&lt;br/&gt;If you disable this policy or do not configure it, users can change the settings for security zones.&lt;br/&gt;&lt;br/&gt;This policy prevents users from changing security zone settings established by the administrator.&lt;br/&gt;&lt;br/&gt;Note: The &amp;quot;Disable the Security page&amp;quot; policy (located in \User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel), which removes the Security tab from Internet Explorer in Control Panel, takes precedence over this policy. If it is enabled, this policy is ignored.&lt;br/&gt;&lt;br/&gt;Also, see the &amp;quot;Security zones: Use only machine settings&amp;quot; policy." gpmc_supported="At least Internet Explorer 5.0">Security Zones: Do not allow users to change policies</span></td><td>Enabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Security Zones: Use only machine settings " gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer" gpmc_settingDescription="Applies security zone information to all users of the same computer. A security zone is a group of Web sites with the same security level.&lt;br/&gt;&lt;br/&gt;If you enable this policy, changes that the user makes to a security zone will apply to all users of that computer.&lt;br/&gt;&lt;br/&gt;If you disable this policy or do not configure it, users of the same computer can establish their own security zone settings.&lt;br/&gt;&lt;br/&gt;This policy is intended to ensure that security zone settings apply uniformly to the same computer and do not vary from user to user.&lt;br/&gt;&lt;br/&gt;Also, see the &amp;quot;Security zones: Do not allow users to change policies&amp;quot; policy." gpmc_supported="At least Internet Explorer 5.0">Security Zones: Use only machine settings </span></td><td>Enabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Specify use of ActiveX Installer Service for installation of ActiveX controls" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer" gpmc_settingDescription="This policy setting allows you to specify how ActiveX controls are installed.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, ActiveX controls are installed only if the ActiveX Installer Service is present and has been configured to allow the installation of ActiveX controls.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, ActiveX controls, including per-user controls, are installed through the standard installation process." gpmc_supported="At least Internet Explorer 8.0">Specify use of ActiveX Installer Service for installation of ActiveX controls</span></td><td>Enabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Turn off Crash Detection" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer" gpmc_settingDescription="This policy setting allows you to manage the crash detection feature of add-on Management.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, a crash in Internet Explorer will exhibit behavior found in Windows XP Professional Service Pack 1 and earlier, namely to invoke Windows Error Reporting. All policy settings for Windows Error Reporting continue to apply.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, the crash detection feature for add-on management will be functional." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Turn off Crash Detection</span></td><td>Enabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Turn off the Security Settings Check feature" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer" gpmc_settingDescription="This policy setting turns off the Security Settings Check feature, which checks Internet Explorer security settings to determine when the settings put Internet Explorer at risk.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, the feature is turned off.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, the feature is turned on." gpmc_supported="At least Internet Explorer 7.0">Turn off the Security Settings Check feature</span></td><td>Disabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Internet Explorer/Internet Control Panel</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Prevent ignoring certificate errors" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel" gpmc_settingDescription="This policy setting prevents the user from ignoring Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificate errors that interrupt browsing (such as &amp;quot;expired&amp;quot;, &amp;quot;revoked&amp;quot;, or &amp;quot;name mismatch&amp;quot; errors) in Internet Explorer.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, the user cannot continue browsing.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, the user can choose to ignore certificate errors and continue browsing." gpmc_supported="At least Internet Explorer 7.0">Prevent ignoring certificate errors</span></td><td>Enabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Internet Explorer/Internet Control Panel/Advanced Page</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow software to run or install even if the signature is invalid" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Advanced Page" gpmc_settingDescription="This policy setting allows you to manage whether software, such as ActiveX controls and file downloads, can be installed or run by the user even though the signature is invalid. An invalid signature might indicate that someone has tampered with the file.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, users will be prompted to install or run files with an invalid signature.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, users cannot run or install files with an invalid signature.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy, users can choose to run or install files with an invalid signature." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Allow software to run or install even if the signature is invalid</span></td><td>Disabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Check for server certificate revocation" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Advanced Page" gpmc_settingDescription="This policy setting allows you to manage whether Internet Explorer will check revocation status of servers&amp;#39; certificates. Certificates are revoked when they have been compromised or are no longer valid, and this option protects users from submitting confidential data to a site that may be fraudulent or not secure.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, Internet Explorer will check to see if server certificates have been revoked.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, Internet Explorer will not check server certificates to see if they have been revoked.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, Internet Explorer will not check server certificates to see if they have been revoked." gpmc_supported="At least Internet Explorer 6.0 in Windows 2003 Service Pack 1">Check for server certificate revocation</span></td><td>Enabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Check for signatures on downloaded programs" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Advanced Page" gpmc_settingDescription="This policy setting allows you to manage whether Internet Explorer checks for digital signatures (which identifies the publisher of signed software and verifies it hasn&amp;#39;t been modified or tampered with) on user computers before downloading executable programs.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, Internet Explorer will check the digital signatures of executable programs and display their identities before downloading them to user computers.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, Internet Explorer will not check the digital signatures of executable programs or display their identities before downloading them to user computers.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy, Internet Explorer will not check the digital signatures of executable programs or display their identities before downloading them to user computers." gpmc_supported="At least Internet Explorer 6.0 in Windows 2003 Service Pack 1">Check for signatures on downloaded programs</span></td><td>Enabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Do not allow ActiveX controls to run in Protected Mode when Enhanced Protected Mode is enabled" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Advanced Page" gpmc_settingDescription="This policy setting prevents ActiveX controls from running in Protected Mode when Enhanced Protected Mode is enabled. When a user has an ActiveX control installed that is not compatible with Enhanced Protected Mode and a website attempts to load the control, Internet Explorer notifies the user and gives the option to run the website in regular Protected Mode. This policy setting disables this notification and forces all websites to run in Enhanced Protected Mode.&lt;br/&gt;&lt;br/&gt;Enhanced Protected Mode provides additional protection against malicious websites by using 64-bit processes on 64-bit versions of Windows. For computers running at least Windows 8, Enhanced Protected Mode also limits the locations Internet Explorer can read from in the registry and the file system.&lt;br/&gt;&lt;br/&gt;When Enhanced Protected Mode is enabled, and a user encounters a website that attempts to load an ActiveX control that is not compatible with Enhanced Protected Mode, Internet Explorer notifies the user and gives the option to disable Enhanced Protected Mode for that particular website.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, Internet Explorer will not give the user the option to disable Enhanced Protected Mode. All Protected Mode websites will run in Enhanced Protected Mode.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, Internet Explorer notifies users and provides an option to run websites with incompatible ActiveX controls in regular Protected Mode. This is the default behavior." gpmc_supported="At least Internet Explorer 10.0">Do not allow ActiveX controls to run in Protected Mode when Enhanced Protected Mode is enabled</span></td><td>Enabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Turn off encryption support" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Advanced Page" gpmc_settingDescription="This policy setting allows you to turn off support for Transport Layer Security (TLS) 1.0, TLS 1.1, TLS 1.2, Secure Sockets Layer (SSL) 2.0, or SSL 3.0 in the browser. TLS and SSL are protocols that help protect communication between the browser and the target server. When the browser attempts to set up a protected communication with the target server, the browser and server negotiate which protocol and version to use. The browser and server attempt to match each other’s list of supported protocols and versions, and they select the most preferred match.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, the browser negotiates or does not negotiate an encryption tunnel by using the encryption methods that you select from the drop-down list.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, the user can select which encryption method the browser supports.&lt;br/&gt;&lt;br/&gt;Note: SSL 2.0 is off by default and is no longer supported starting with Windows 10 Version 1607. SSL 2.0 is an outdated security protocol, and enabling SSL 2.0 impairs the performance and functionality of TLS 1.0." gpmc_supported="At least Internet Explorer 8.0">Turn off encryption support</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Secure Protocol combinations</td><td>Use TLS 1.1 and TLS 1.2</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Turn on 64-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of Windows" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Advanced Page" gpmc_settingDescription="This policy setting determines whether Internet Explorer 11 uses 64-bit processes (for greater security) or 32-bit processes (for greater compatibility) when running in Enhanced Protected Mode on 64-bit versions of Windows.&lt;br/&gt;&lt;br/&gt;Important: Some ActiveX controls and toolbars may not be available when 64-bit processes are used.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, Internet Explorer 11 will use 64-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of Windows.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, Internet Explorer 11 will use 32-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of Windows.&lt;br/&gt;&lt;br/&gt;If you don&amp;#39;t configure this policy setting, users can turn this feature on or off using Internet Explorer settings. This feature is turned off by default." gpmc_supported="At least Internet Explorer 11.0">Turn on 64-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of Windows</span></td><td>Enabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Turn on Enhanced Protected Mode" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Advanced Page" gpmc_settingDescription="Enhanced Protected Mode provides additional protection against malicious websites by using 64-bit processes on 64-bit versions of Windows. For computers running at least Windows 8, Enhanced Protected Mode also limits the locations Internet Explorer can read from in the registry and the file system.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, Enhanced Protected Mode will be turned on. Any zone that has Protected Mode enabled will use Enhanced Protected Mode. Users will not be able to disable Enhanced Protected Mode.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, Enhanced Protected Mode will be turned off. Any zone that has Protected Mode enabled will use the version of Protected Mode introduced in Internet Explorer 7 for Windows Vista.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy, users will be able to turn on or turn off Enhanced Protected Mode on the Advanced tab of the Internet Options dialog." gpmc_supported="At least Internet Explorer 10.0">Turn on Enhanced Protected Mode</span></td><td>Enabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Internet Explorer/Internet Control Panel/Security Page</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Intranet Sites: Include all network paths (UNCs)" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page" gpmc_settingDescription="This policy setting controls whether URLs representing UNCs are mapped into the local Intranet security zone.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, all network paths are mapped into the Intranet Zone.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, network paths are not necessarily mapped into the Intranet Zone (other rules might map one there).&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, users choose whether network paths are mapped into the Intranet Zone." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Intranet Sites: Include all network paths (UNCs)</span></td><td>Disabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Turn on certificate address mismatch warning" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page" gpmc_settingDescription="This policy setting allows you to turn on the certificate address mismatch security warning. When this policy setting is turned on, the user is warned when visiting Secure HTTP (HTTPS) websites that present certificates issued for a different website address. This warning helps prevent spoofing attacks.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, the certificate address mismatch warning always appears.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, the user can choose whether the certificate address mismatch warning appears (by using the Advanced page in the Internet Control panel)." gpmc_supported="At least Internet Explorer 8.0">Turn on certificate address mismatch warning</span></td><td>Enabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Access data sources across domains" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting allows you to manage whether Internet Explorer can access data from another security zone using the Microsoft XML Parser (MSXML) or ActiveX Data Objects (ADO).&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, users can load a page in the zone that uses MSXML or ADO to access data from another site in the zone. If you select Prompt in the drop-down box, users are queried to choose whether to allow a page to be loaded in the zone that uses MSXML or ADO to access data from another site in the zone.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, users cannot load a page in the zone that uses MSXML or ADO to access data from another site in the zone.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, users cannot load a page in the zone that uses MSXML or ADO to access data from another site in the zone." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Access data sources across domains</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Access data sources across domains</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow cut, copy or paste operations from the clipboard via script" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting allows you to manage whether scripts can perform a clipboard operation (for example, cut, copy, and paste) in a specified region.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, a script can perform a clipboard operation.&lt;br/&gt;&lt;br/&gt;If you select Prompt in the drop-down box, users are queried as to whether to perform clipboard operations.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, a script cannot perform a clipboard operation.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, a script can perform a clipboard operation." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Allow cut, copy or paste operations from the clipboard via script</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Allow paste operations via script</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow drag and drop or copy and paste files" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting allows you to manage whether users can drag files or copy and paste files from a source within the zone.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, users can drag files or copy and paste files from this zone automatically. If you select Prompt in the drop-down box, users are queried to choose whether to drag or copy files from this zone.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, users are prevented from dragging files or copying and pasting files from this zone.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, users can drag files or copy and paste files from this zone automatically." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Allow drag and drop or copy and paste files</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Allow drag and drop or copy and paste files</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow loading of XAML files" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting allows you to manage the loading of Extensible Application Markup Language (XAML) files. XAML is an XML-based declarative markup language commonly used for creating rich user interfaces and graphics that take advantage of the Windows Presentation Foundation.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting and set the drop-down box to Enable, XAML files are automatically loaded inside Internet Explorer. The user cannot change this behavior. If you set the drop-down box to Prompt, the user is prompted for loading XAML files.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, XAML files are not loaded inside Internet Explorer. The user cannot change this behavior.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, the user can decide whether to load XAML files inside Internet Explorer." gpmc_supported="At least Internet Explorer 7.0">Allow loading of XAML files</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>XAML Files</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow only approved domains to use ActiveX controls without prompt" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting controls whether or not the user is prompted to allow ActiveX controls to run on websites other than the website that installed the ActiveX control.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, the user is prompted before ActiveX controls can run from websites in this zone. The user can choose to allow the control to run from the current site or from all sites.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, the user does not see the per-site ActiveX prompt, and ActiveX controls can run from all sites in this zone." gpmc_supported="At least Internet Explorer 8.0">Allow only approved domains to use ActiveX controls without prompt</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Only allow approved domains to use ActiveX controls without prompt</td><td>Enable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow only approved domains to use the TDC ActiveX control" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting controls whether or not the user is allowed to run the TDC ActiveX control on websites.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, the TDC ActiveX control will not run from websites in this zone.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, the TDC Active X control will run from all sites in this zone." gpmc_supported="At least Internet Explorer 11.0 on Windows 10, vertion 1607 or later">Allow only approved domains to use the TDC ActiveX control</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Only allow approved domains to use the TDC ActiveX control</td><td>Enable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow scripting of Internet Explorer WebBrowser controls" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting determines whether a page can control embedded WebBrowser controls via script.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, script access to the WebBrowser control is allowed.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, script access to the WebBrowser control is not allowed.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, the user can enable or disable script access to the WebBrowser control. By default, script access to the WebBrowser control is allowed only in the Local Machine and Intranet zones." gpmc_supported="At least Internet Explorer 7.0">Allow scripting of Internet Explorer WebBrowser controls</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Internet Explorer web browser control</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow script-initiated windows without size or position constraints" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting allows you to manage restrictions on script-initiated pop-up windows and windows that include the title and status bars.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, Windows Restrictions security will not apply in this zone. The security zone runs without the added layer of security provided by this feature.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, the possible harmful actions contained in script-initiated pop-up windows and windows that include the title and status bars cannot be run. This Internet Explorer security feature will be on in this zone as dictated by the Scripted Windows Security Restrictions feature control setting for the process.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, the possible harmful actions contained in script-initiated pop-up windows and windows that include the title and status bars cannot be run. This Internet Explorer security feature will be on in this zone as dictated by the Scripted Windows Security Restrictions feature control setting for the process." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Allow script-initiated windows without size or position constraints</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Allow script-initiated windows without size or position constraints</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow scriptlets" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting allows you to manage whether the user can run scriptlets.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, the user can run scriptlets.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, the user cannot run scriptlets.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, the user can enable or disable scriptlets." gpmc_supported="At least Internet Explorer 7.0">Allow scriptlets</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Scriptlets</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow updates to status bar via script" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting allows you to manage whether script is allowed to update the status bar within the zone.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, script is allowed to update the status bar.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, script is not allowed to update the status bar." gpmc_supported="At least Internet Explorer 7.0">Allow updates to status bar via script</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Status bar updates via script</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow VBScript to run in Internet Explorer" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting allows you to manage whether VBScript can be run on pages from the specified zone in Internet Explorer.&lt;br/&gt;&lt;br/&gt;If you selected Enable in the drop-down box, VBScript can run without user intervention.&lt;br/&gt;&lt;br/&gt;If you selected Prompt in the drop-down box, users are asked to choose whether to allow VBScript to run.&lt;br/&gt;&lt;br/&gt;If you selected Disable in the drop-down box, VBScript is prevented from running.&lt;br/&gt;&lt;br/&gt;If you do not configure or disable this policy setting, VBScript is prevented from running." gpmc_supported="At least Internet Explorer 11.0">Allow VBScript to run in Internet Explorer</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Allow VBScript to run in Internet Explorer</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Automatic prompting for file downloads" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting determines whether users will be prompted for non user-initiated file downloads. Regardless of this setting, users will receive file download dialogs for user-initiated downloads.&lt;br/&gt;&lt;br/&gt;If you enable this setting, users will receive a file download dialog for automatic download attempts.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this setting, file downloads that are not user-initiated will be blocked, and users will see the Notification bar instead of the file download dialog. Users can then click the Notification bar to allow the file download prompt." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Automatic prompting for file downloads</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Automatic prompting for file downloads</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Don&amp;#39;t run antimalware programs against ActiveX controls" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting determines whether Internet Explorer runs antimalware programs against ActiveX controls, to check if they&amp;#39;re safe to load on pages.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, Internet Explorer won&amp;#39;t check with your antimalware program to see if it&amp;#39;s safe to create an instance of the ActiveX control.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, Internet Explorer always checks with your antimalware program to see if it&amp;#39;s safe to create an instance of the ActiveX control.&lt;br/&gt;&lt;br/&gt;If you don&amp;#39;t configure this policy setting, Internet Explorer always checks with your antimalware program to see if it&amp;#39;s safe to create an instance of the ActiveX control. Users can turn this behavior on or off, using Internet Explorer Security settings." gpmc_supported="At least Internet Explorer 11.0">Don&#39;t run antimalware programs against ActiveX controls</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Don&#39;t run antimalware programs against ActiveX controls</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Download signed ActiveX controls" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting allows you to manage whether users may download signed ActiveX controls from a page in the zone.&lt;br/&gt;&lt;br/&gt;If you enable this policy, users can download signed controls without user intervention. If you select Prompt in the drop-down box, users are queried whether to download controls signed by publishers who aren&amp;#39;t trusted. Code signed by trusted publishers is silently downloaded.&lt;br/&gt;&lt;br/&gt;If you disable the policy setting, signed controls cannot be downloaded.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, users are queried whether to download controls signed by publishers who aren&amp;#39;t trusted.  Code signed by trusted publishers is silently downloaded." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Download signed ActiveX controls</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Download signed ActiveX controls</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Download unsigned ActiveX controls" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting allows you to manage whether users may download unsigned ActiveX controls from the zone. Such code is potentially harmful, especially when coming from an untrusted zone.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, users can run unsigned controls without user intervention. If you select Prompt in the drop-down box, users are queried to choose whether to allow the unsigned control to run.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, users cannot run unsigned controls.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, users cannot run unsigned controls." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Download unsigned ActiveX controls</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Download unsigned ActiveX controls</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Enable dragging of content from different domains across windows" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting allows you to set options for dragging content from one domain to a different domain when the source and destination are in different windows.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting and click Enable, users can drag content from one domain to a different domain when the source and destination are in different windows. Users cannot change this setting.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting and click Disable, users cannot drag content from one domain to a different domain when both the source and destination are in different windows. Users cannot change this setting.&lt;br/&gt;&lt;br/&gt;In Internet Explorer 10, if you disable this policy setting or do not configure it, users cannot drag content from one domain to a different domain when the source and destination are in different windows. Users can change this setting in the Internet Options dialog.&lt;br/&gt;&lt;br/&gt;In Internet Explorer 9 and earlier versions, if you disable this policy or do not configure it, users can drag content from one domain to a different domain when the source and destination are in different windows. Users cannot change this setting." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Enable dragging of content from different domains across windows</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Enable dragging of content from different domains across windows</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Enable dragging of content from different domains within a window" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting allows you to set options for dragging content from one domain to a different domain when the source and destination are in the same window.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting and click Enable, users can drag content from one domain to a different domain when the source and destination are in the same window. Users cannot change this setting.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting and click Disable, users cannot drag content from one domain to a different domain when the source and destination are in the same window. Users cannot change this setting in the Internet Options dialog.&lt;br/&gt;&lt;br/&gt;In Internet Explorer 10, if you disable this policy setting or do not configure it, users cannot drag content from one domain to a different domain when the source and destination are in the same window. Users can change this setting in the Internet Options dialog.&lt;br/&gt;&lt;br/&gt;In Internet Explorer 9 and earlier versions, if you disable this policy setting or do not configure it, users can drag content from one domain to a different domain when the source and destination are in the same window. Users cannot change this setting in the Internet Options dialog." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Enable dragging of content from different domains within a window</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Enable dragging of content from different domains within a window</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Include local path when user is uploading files to a server" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting controls whether or not local path information is sent when the user is uploading a file via an HTML form. If the local path information is sent, some information may be unintentionally revealed to the server. For instance, files sent from the user&amp;#39;s desktop may contain the user name as a part of the path.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, path information is sent when the user is uploading a file via an HTML form.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, path information is removed when the user is uploading a file via an HTML form.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, the user can choose whether path information is sent when he or she is uploading a file via an HTML form. By default, path information is sent." gpmc_supported="At least Internet Explorer 7.0">Include local path when user is uploading files to a server</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Include local directory path when uploading files to a server</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Initialize and script ActiveX controls not marked as safe" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting allows you to manage ActiveX controls not marked as safe.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, ActiveX controls are run, loaded with parameters, and scripted without setting object safety for untrusted data or scripts. This setting is not recommended, except for secure and administered zones. This setting causes both unsafe and safe controls to be initialized and scripted, ignoring the Script ActiveX controls marked safe for scripting option.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting and select Prompt in the drop-down box, users are queried whether to allow the control to be loaded with parameters or scripted.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, ActiveX controls that cannot be made safe are not loaded with parameters or scripted.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, ActiveX controls that cannot be made safe are not loaded with parameters or scripted." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Initialize and script ActiveX controls not marked as safe</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Initialize and script ActiveX controls not marked as safe</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Java permissions" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting allows you to manage permissions for Java applets.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, you can choose options from the drop-down box. Custom, to control permissions settings individually.&lt;br/&gt;&lt;br/&gt;Low Safety enables applets to perform all operations.&lt;br/&gt;&lt;br/&gt;Medium Safety enables applets to run in their sandbox (an area in memory outside of which the program cannot make calls), plus capabilities like scratch space (a safe and secure storage area on the client computer) and user-controlled file I/O.&lt;br/&gt;&lt;br/&gt;High Safety enables applets to run in their sandbox. Disable Java to prevent any applets from running.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, Java applets cannot run.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, the permission is set to High Safety." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Java permissions</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Java permissions</td><td>Disable Java</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Launching applications and files in an IFRAME" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting allows you to manage whether applications may be run and files may be downloaded from an IFRAME reference in the HTML of the pages in this zone.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, users can run applications and download files from IFRAMEs on the pages in this zone without user intervention. If you select Prompt in the drop-down box, users are queried to choose whether to run applications and download files from IFRAMEs on the pages in this zone.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, users are prevented from running applications and downloading files from IFRAMEs on the pages in this zone.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, users are queried to choose whether to run applications and download files from IFRAMEs on the pages in this zone." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Launching applications and files in an IFRAME</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Launching applications and files in an IFRAME</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Logon options" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting allows you to manage settings for logon options.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, you can choose from the following logon options.&lt;br/&gt;&lt;br/&gt;Anonymous logon to disable HTTP authentication and use the guest account only for the Common Internet File System (CIFS) protocol.&lt;br/&gt;&lt;br/&gt;Prompt for user name and password to query users for user IDs and passwords. After a user is queried, these values can be used silently for the remainder of the session.&lt;br/&gt;&lt;br/&gt;Automatic logon only in Intranet zone to query users for user IDs and passwords in other zones. After a user is queried, these values can be used silently for the remainder of the session.&lt;br/&gt;&lt;br/&gt;Automatic logon with current user name and password to attempt logon using Windows NT Challenge Response (also known as NTLM authentication). If Windows NT Challenge Response is supported by the server, the logon uses the user&amp;#39;s network user name and password for logon. If Windows NT Challenge Response is not supported by the server, the user is queried to provide the user name and password.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, logon is set to Automatic logon only in Intranet zone.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, logon is set to Automatic logon only in Intranet zone." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Logon options</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Logon options</td><td>Prompt for user name and password</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Navigate windows and frames across different domains" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting allows you to manage the opening of windows and frames and access of applications across different domains.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, users can open windows and frames from othe domains and access applications from other domains. If you select Prompt in the drop-down box, users are queried whether to allow windows and frames to access applications from other domains.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, users cannot open windows and frames to access applications from different domains.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, users can open windows and frames from othe domains and access applications from other domains." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Navigate windows and frames across different domains</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Navigate windows and frames across different domains</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Run .NET Framework-reliant components not signed with Authenticode" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting allows you to manage whether .NET Framework components that are not signed with Authenticode can be executed from Internet Explorer. These components include managed controls referenced from an object tag and managed executables referenced from a link.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, Internet Explorer will execute unsigned managed components. If you select Prompt in the drop-down box, Internet Explorer will prompt the user to determine whether to execute unsigned managed components.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, Internet Explorer will not execute unsigned managed components.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, Internet Explorer will execute unsigned managed components." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Run .NET Framework-reliant components not signed with Authenticode</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Run .NET Framework-reliant components not signed with Authenticode</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Run .NET Framework-reliant components signed with Authenticode" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting allows you to manage whether .NET Framework components that are signed with Authenticode can be executed from Internet Explorer. These components include managed controls referenced from an object tag and managed executables referenced from a link.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, Internet Explorer will execute signed managed components. If you select Prompt in the drop-down box, Internet Explorer will prompt the user to determine whether to execute signed managed components.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, Internet Explorer will not execute signed managed components.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, Internet Explorer will execute signed managed components." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Run .NET Framework-reliant components signed with Authenticode</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Run .NET Framework-reliant components signed with Authenticode</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Show security warning for potentially unsafe files" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting controls whether or not the &amp;quot;Open File - Security Warning&amp;quot; message appears when the user tries to open executable files or other potentially unsafe files (from an intranet file share by using File Explorer, for example).&lt;br/&gt;&lt;br/&gt;If you enable this policy setting and set the drop-down box to Enable, these files open without a security warning. If you set the drop-down box to Prompt, a security warning appears before the files open.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, these files do not open.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, the user can configure how the computer handles these files. By default, these files are blocked in the Restricted zone, enabled in the Intranet and Local Computer zones, and set to prompt in the Internet and Trusted zones." gpmc_supported="At least Internet Explorer 7.0">Show security warning for potentially unsafe files</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Launching programs and unsafe files</td><td>Prompt</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Turn on Cross-Site Scripting Filter" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy controls whether or not the Cross-Site Scripting (XSS) Filter will detect and prevent cross-site script injections into websites in this zone.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, the XSS Filter is turned on for sites in this zone, and the XSS Filter attempts to block cross-site script injections.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, the XSS Filter is turned off for sites in this zone, and Internet Explorer permits cross-site script injections." gpmc_supported="At least Internet Explorer 8.0">Turn on Cross-Site Scripting Filter</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Turn on Cross-Site Scripting (XSS) Filter</td><td>Enable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Turn on Protected Mode" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting allows you to turn on Protected Mode. Protected Mode helps protect Internet Explorer from exploited vulnerabilities by reducing the locations that Internet Explorer can write to in the registry and the file system.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, Protected Mode is turned on. The user cannot turn off Protected Mode.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, Protected Mode is turned off. The user cannot turn on Protected Mode.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, the user can turn on or turn off Protected Mode." gpmc_supported="At least Internet Explorer 7.0 in Windows Vista">Turn on Protected Mode</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Protected Mode</td><td>Enable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Turn on SmartScreen Filter scan" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting controls whether SmartScreen Filter scans pages in this zone for malicious content.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, SmartScreen Filter scans pages in this zone for malicious content.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, SmartScreen Filter does not scan pages in this zone for malicious content.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, the user can choose whether SmartScreen Filter scans pages in this zone for malicious content.&lt;br/&gt;&lt;br/&gt;Note: In Internet Explorer 7, this policy setting controls whether Phishing Filter scans pages in this zone for malicious content." gpmc_supported="At least Internet Explorer 7.0">Turn on SmartScreen Filter scan</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Use SmartScreen Filter</td><td>Enable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Use Pop-up Blocker" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting allows you to manage whether unwanted pop-up windows appear. Pop-up windows that are opened when the end user clicks a link are not blocked.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, most unwanted pop-up windows are prevented from appearing.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, pop-up windows are not prevented from appearing.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, most unwanted pop-up windows are prevented from appearing." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Use Pop-up Blocker</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Use Pop-up Blocker</td><td>Enable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Userdata persistence" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting allows you to manage the preservation of information in the browser&amp;#39;s history, in favorites, in an XML store, or directly within a Web page saved to disk. When a user returns to a persisted page, the state of the page can be restored if this policy setting is appropriately configured.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, users can preserve information in the browser&amp;#39;s history, in favorites, in an XML store, or directly within a Web page saved to disk.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, users cannot preserve information in the browser&amp;#39;s history, in favorites, in an XML store, or directly within a Web page saved to disk.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, users can preserve information in the browser&amp;#39;s history, in favorites, in an XML store, or directly within a Web page saved to disk." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Userdata persistence</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Userdata persistence</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Web sites in less privileged Web content zones can navigate into this zone" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone" gpmc_settingDescription="This policy setting allows you to manage whether Web sites from less privileged zones, such as Restricted Sites, can navigate into this zone.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, Web sites from less privileged zones can open new windows in, or navigate into, this zone.  The security zone will run without the added layer of security that is provided by the Protection from Zone Elevation security feature. If you select Prompt in the drop-down box, a warning is issued to the user that potentially risky navigation is about to occur.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, the possibly harmful navigations are prevented. The Internet Explorer security feature will be on in this zone as set by Protection from Zone Elevation feature control.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, Web sites from less privileged zones can open new windows in, or navigate into, this zone." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Web sites in less privileged Web content zones can navigate into this zone</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Web sites in less privileged Web content zones can navigate into this zone</td><td>Disable</td></tr>
</table></td></tr></table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Internet Explorer/Internet Control Panel/Security Page/Intranet Zone</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Don&amp;#39;t run antimalware programs against ActiveX controls" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Intranet Zone" gpmc_settingDescription="This policy setting determines whether Internet Explorer runs antimalware programs against ActiveX controls, to check if they&amp;#39;re safe to load on pages.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, Internet Explorer won&amp;#39;t check with your antimalware program to see if it&amp;#39;s safe to create an instance of the ActiveX control.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, Internet Explorer always checks with your antimalware program to see if it&amp;#39;s safe to create an instance of the ActiveX control.&lt;br/&gt;&lt;br/&gt;If you don&amp;#39;t configure this policy setting, Internet Explorer won&amp;#39;t check with your antimalware program to see if it&amp;#39;s safe to create an instance of the ActiveX control. Users can turn this behavior on or off, using Internet Explorer Security settings." gpmc_supported="At least Internet Explorer 11.0">Don&#39;t run antimalware programs against ActiveX controls</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Don&#39;t run antimalware programs against ActiveX controls</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Initialize and script ActiveX controls not marked as safe" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Intranet Zone" gpmc_settingDescription="This policy setting allows you to manage ActiveX controls not marked as safe.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, ActiveX controls are run, loaded with parameters, and scripted without setting object safety for untrusted data or scripts. This setting is not recommended, except for secure and administered zones. This setting causes both unsafe and safe controls to be initialized and scripted, ignoring the Script ActiveX controls marked safe for scripting option.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting and select Prompt in the drop-down box, users are queried whether to allow the control to be loaded with parameters or scripted.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, ActiveX controls that cannot be made safe are not loaded with parameters or scripted.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, ActiveX controls that cannot be made safe are not loaded with parameters or scripted." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Initialize and script ActiveX controls not marked as safe</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Initialize and script ActiveX controls not marked as safe</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Java permissions" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Intranet Zone" gpmc_settingDescription="This policy setting allows you to manage permissions for Java applets.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, you can choose options from the drop-down box. Custom, to control permissions settings individually.&lt;br/&gt;&lt;br/&gt;Low Safety enables applets to perform all operations.&lt;br/&gt;&lt;br/&gt;Medium Safety enables applets to run in their sandbox (an area in memory outside of which the program cannot make calls), plus capabilities like scratch space (a safe and secure storage area on the client computer) and user-controlled file I/O.&lt;br/&gt;&lt;br/&gt;High Safety enables applets to run in their sandbox. Disable Java to prevent any applets from running.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, Java applets cannot run.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, the permission is set to Medium Safety." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Java permissions</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Java permissions</td><td>High safety</td></tr>
</table></td></tr></table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Internet Explorer/Internet Control Panel/Security Page/Local Machine Zone</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Don&amp;#39;t run antimalware programs against ActiveX controls" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Local Machine Zone" gpmc_settingDescription="This policy setting determines whether Internet Explorer runs antimalware programs against ActiveX controls, to check if they&amp;#39;re safe to load on pages.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, Internet Explorer won&amp;#39;t check with your antimalware program to see if it&amp;#39;s safe to create an instance of the ActiveX control.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, Internet Explorer always checks with your antimalware program to see if it&amp;#39;s safe to create an instance of the ActiveX control.&lt;br/&gt;&lt;br/&gt;If you don&amp;#39;t configure this policy setting, Internet Explorer won&amp;#39;t check with your antimalware program to see if it&amp;#39;s safe to create an instance of the ActiveX control. Users can turn this behavior on or off, using Internet Explorer Security settings." gpmc_supported="At least Internet Explorer 11.0">Don&#39;t run antimalware programs against ActiveX controls</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Don&#39;t run antimalware programs against ActiveX controls</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Java permissions" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Local Machine Zone" gpmc_settingDescription="This policy setting allows you to manage permissions for Java applets.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, you can choose options from the drop-down box. Custom, to control permissions settings individually.&lt;br/&gt;&lt;br/&gt;Low Safety enables applets to perform all operations.&lt;br/&gt;&lt;br/&gt;Medium Safety enables applets to run in their sandbox (an area in memory outside of which the program cannot make calls), plus capabilities like scratch space (a safe and secure storage area on the client computer) and user-controlled file I/O.&lt;br/&gt;&lt;br/&gt;High Safety enables applets to run in their sandbox. Disable Java to prevent any applets from running.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, Java applets cannot run.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, the permission is set to Medium Safety." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Java permissions</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Java permissions</td><td>Disable Java</td></tr>
</table></td></tr></table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Internet Explorer/Internet Control Panel/Security Page/Locked-Down Internet Zone</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Turn on SmartScreen Filter scan" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Locked-Down Internet Zone" gpmc_settingDescription="This policy setting controls whether SmartScreen Filter scans pages in this zone for malicious content.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, SmartScreen Filter scans pages in this zone for malicious content.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, SmartScreen Filter does not scan pages in this zone for malicious content.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, the user can choose whether SmartScreen Filter scans pages in this zone for malicious content.&lt;br/&gt;&lt;br/&gt;Note: In Internet Explorer 7, this policy setting controls whether Phishing Filter scans pages in this zone for malicious content." gpmc_supported="At least Internet Explorer 7.0">Turn on SmartScreen Filter scan</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Use SmartScreen Filter</td><td>Enable</td></tr>
</table></td></tr></table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Internet Explorer/Internet Control Panel/Security Page/Locked-Down Intranet Zone</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Java permissions" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Locked-Down Intranet Zone" gpmc_settingDescription="This policy setting allows you to manage permissions for Java applets.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, you can choose options from the drop-down box. Custom, to control permissions settings individually.&lt;br/&gt;&lt;br/&gt;Low Safety enables applets to perform all operations.&lt;br/&gt;&lt;br/&gt;Medium Safety enables applets to run in their sandbox (an area in memory outside of which the program cannot make calls), plus capabilities like scratch space (a safe and secure storage area on the client computer) and user-controlled file I/O.&lt;br/&gt;&lt;br/&gt;High Safety enables applets to run in their sandbox. Disable Java to prevent any applets from running.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, Java applets cannot run.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, Java applets are disabled." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Java permissions</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Java permissions</td><td>Disable Java</td></tr>
</table></td></tr></table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Internet Explorer/Internet Control Panel/Security Page/Locked-Down Local Machine Zone</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Java permissions" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Locked-Down Local Machine Zone" gpmc_settingDescription="This policy setting allows you to manage permissions for Java applets.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, you can choose options from the drop-down box. Custom, to control permissions settings individually.&lt;br/&gt;&lt;br/&gt;Low Safety enables applets to perform all operations.&lt;br/&gt;&lt;br/&gt;Medium Safety enables applets to run in their sandbox (an area in memory outside of which the program cannot make calls), plus capabilities like scratch space (a safe and secure storage area on the client computer) and user-controlled file I/O.&lt;br/&gt;&lt;br/&gt;High Safety enables applets to run in their sandbox. Disable Java to prevent any applets from running.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, Java applets cannot run.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, Java applets are disabled." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Java permissions</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Java permissions</td><td>Disable Java</td></tr>
</table></td></tr></table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Internet Explorer/Internet Control Panel/Security Page/Locked-Down Restricted Sites Zone</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Java permissions" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Locked-Down Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage permissions for Java applets.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, you can choose options from the drop-down box. Custom, to control permissions settings individually.&lt;br/&gt;&lt;br/&gt;Low Safety enables applets to perform all operations.&lt;br/&gt;&lt;br/&gt;Medium Safety enables applets to run in their sandbox (an area in memory outside of which the program cannot make calls), plus capabilities like scratch space (a safe and secure storage area on the client computer) and user-controlled file I/O.&lt;br/&gt;&lt;br/&gt;High Safety enables applets to run in their sandbox. Disable Java to prevent any applets from running.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, Java applets cannot run.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, Java applets are disabled." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Java permissions</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Java permissions</td><td>Disable Java</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Turn on SmartScreen Filter scan" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Locked-Down Restricted Sites Zone" gpmc_settingDescription="This policy setting controls whether SmartScreen Filter scans pages in this zone for malicious content.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, SmartScreen Filter scans pages in this zone for malicious content.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, SmartScreen Filter does not scan pages in this zone for malicious content.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, the user can choose whether SmartScreen Filter scans pages in this zone for malicious content.&lt;br/&gt;&lt;br/&gt;Note: In Internet Explorer 7, this policy setting controls whether Phishing Filter scans pages in this zone for malicious content." gpmc_supported="At least Internet Explorer 7.0">Turn on SmartScreen Filter scan</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Use SmartScreen Filter</td><td>Enable</td></tr>
</table></td></tr></table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Internet Explorer/Internet Control Panel/Security Page/Locked-Down Trusted Sites Zone</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Java permissions" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Locked-Down Trusted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage permissions for Java applets.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, you can choose options from the drop-down box. Custom, to control permissions settings individually.&lt;br/&gt;&lt;br/&gt;Low Safety enables applets to perform all operations.&lt;br/&gt;&lt;br/&gt;Medium Safety enables applets to run in their sandbox (an area in memory outside of which the program cannot make calls), plus capabilities like scratch space (a safe and secure storage area on the client computer) and user-controlled file I/O.&lt;br/&gt;&lt;br/&gt;High Safety enables applets to run in their sandbox. Disable Java to prevent any applets from running.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, Java applets cannot run.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, Java applets are disabled." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Java permissions</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Java permissions</td><td>Disable Java</td></tr>
</table></td></tr></table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Access data sources across domains" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage whether Internet Explorer can access data from another security zone using the Microsoft XML Parser (MSXML) or ActiveX Data Objects (ADO).&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, users can load a page in the zone that uses MSXML or ADO to access data from another site in the zone. If you select Prompt in the drop-down box, users are queried to choose whether to allow a page to be loaded in the zone that uses MSXML or ADO to access data from another site in the zone.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, users cannot load a page in the zone that uses MSXML or ADO to access data from another site in the zone.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, users cannot load a page in the zone that uses MSXML or ADO to access data from another site in the zone." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Access data sources across domains</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Access data sources across domains</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow active scripting" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage whether script code on pages in the zone is run.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, script code on pages in the zone can run automatically. If you select Prompt in the drop-down box, users are queried to choose whether to allow script code on pages in the zone to run.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, script code on pages in the zone is prevented from running.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, script code on pages in the zone is prevented from running." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Allow active scripting</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Allow active scripting</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow binary and script behaviors" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage dynamic binary and script behaviors: components that encapsulate specific functionality for HTML elements to which they were attached.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, binary and script behaviors are available. If you select Administrator approved in the drop-down box, only behaviors listed in the Admin-approved Behaviors under Binary Behaviors Security Restriction policy are available.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, binary and script behaviors are not available unless applications have implemented a custom security manager.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, binary and script behaviors are not available unless applications have implemented a custom security manager." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Allow binary and script behaviors</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Allow Binary and Script Behaviors</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow cut, copy or paste operations from the clipboard via script" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage whether scripts can perform a clipboard operation (for example, cut, copy, and paste) in a specified region.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, a script can perform a clipboard operation.&lt;br/&gt;&lt;br/&gt;If you select Prompt in the drop-down box, users are queried as to whether to perform clipboard operations.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, a script cannot perform a clipboard operation.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, a script cannot perform a clipboard operation." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Allow cut, copy or paste operations from the clipboard via script</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Allow paste operations via script</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow drag and drop or copy and paste files" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage whether users can drag files or copy and paste files from a source within the zone.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, users can drag files or copy and paste files from this zone automatically. If you select Prompt in the drop-down box, users are queried to choose whether to drag or copy files from this zone.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, users are prevented from dragging files or copying and pasting files from this zone.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, users are queried to choose whether to drag or copy files from this zone." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Allow drag and drop or copy and paste files</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Allow drag and drop or copy and paste files</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow file downloads" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage whether file downloads are permitted from the zone. This option is determined by the zone of the page with the link causing the download, not the zone from which the file is delivered.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, files can be downloaded from the zone.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, files are prevented from being downloaded from the zone.&lt;br/&gt;&lt;br/&gt; If you do not configure this policy setting, files are prevented from being downloaded from the zone." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Allow file downloads</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Allow file downloads</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow loading of XAML files" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage the loading of Extensible Application Markup Language (XAML) files. XAML is an XML-based declarative markup language commonly used for creating rich user interfaces and graphics that take advantage of the Windows Presentation Foundation.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting and set the drop-down box to Enable, XAML files are automatically loaded inside Internet Explorer. The user cannot change this behavior. If you set the drop-down box to Prompt, the user is prompted for loading XAML files.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, XAML files are not loaded inside Internet Explorer. The user cannot change this behavior.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, the user can decide whether to load XAML files inside Internet Explorer." gpmc_supported="At least Internet Explorer 7.0">Allow loading of XAML files</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>XAML Files</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow META REFRESH" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage whether a user&amp;#39;s browser can be redirected to another Web page if the author of the Web page uses the Meta Refresh setting (tag) to redirect browsers to another Web page.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, a user&amp;#39;s browser that loads a page containing an active Meta Refresh setting can be redirected to another Web page.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, a user&amp;#39;s browser that loads a page containing an active Meta Refresh setting cannot be redirected to another Web page.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, a user&amp;#39;s browser that loads a page containing an active Meta Refresh setting cannot be redirected to another Web page." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Allow META REFRESH</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Allow META REFRESH</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow only approved domains to use ActiveX controls without prompt" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting controls whether or not the user is prompted to allow ActiveX controls to run on websites other than the website that installed the ActiveX control.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, the user is prompted before ActiveX controls can run from websites in this zone. The user can choose to allow the control to run from the current site or from all sites.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, the user does not see the per-site ActiveX prompt, and ActiveX controls can run from all sites in this zone." gpmc_supported="At least Internet Explorer 8.0">Allow only approved domains to use ActiveX controls without prompt</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Only allow approved domains to use ActiveX controls without prompt</td><td>Enable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow only approved domains to use the TDC ActiveX control" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting controls whether or not the user is allowed to run the TDC ActiveX control on websites.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, the TDC ActiveX control will not run from websites in this zone.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, the TDC Active X control will run from all sites in this zone." gpmc_supported="At least Internet Explorer 11.0 on Windows 10, vertion 1607 or later">Allow only approved domains to use the TDC ActiveX control</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Only allow approved domains to use the TDC ActiveX control</td><td>Enable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow scripting of Internet Explorer WebBrowser controls" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting determines whether a page can control embedded WebBrowser controls via script.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, script access to the WebBrowser control is allowed.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, script access to the WebBrowser control is not allowed.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, the user can enable or disable script access to the WebBrowser control. By default, script access to the WebBrowser control is allowed only in the Local Machine and Intranet zones." gpmc_supported="At least Internet Explorer 7.0">Allow scripting of Internet Explorer WebBrowser controls</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Internet Explorer web browser control</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow script-initiated windows without size or position constraints" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage restrictions on script-initiated pop-up windows and windows that include the title and status bars.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, Windows Restrictions security will not apply in this zone. The security zone runs without the added layer of security provided by this feature.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, the possible harmful actions contained in script-initiated pop-up windows and windows that include the title and status bars cannot be run. This Internet Explorer security feature will be on in this zone as dictated by the Scripted Windows Security Restrictions feature control setting for the process.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, the possible harmful actions contained in script-initiated pop-up windows and windows that include the title and status bars cannot be run. This Internet Explorer security feature will be on in this zone as dictated by the Scripted Windows Security Restrictions feature control setting for the process." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Allow script-initiated windows without size or position constraints</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Allow script-initiated windows without size or position constraints</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow scriptlets" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage whether the user can run scriptlets.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, the user can run scriptlets.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, the user cannot run scriptlets.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, the user can enable or disable scriptlets." gpmc_supported="At least Internet Explorer 7.0">Allow scriptlets</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Scriptlets</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow updates to status bar via script" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage whether script is allowed to update the status bar within the zone.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, script is allowed to update the status bar.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, script is not allowed to update the status bar." gpmc_supported="At least Internet Explorer 7.0">Allow updates to status bar via script</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Status bar updates via script</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow VBScript to run in Internet Explorer" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage whether VBScript can be run on pages from the specified zone in Internet Explorer.&lt;br/&gt;&lt;br/&gt;If you selected Enable in the drop-down box, VBScript can run without user intervention.&lt;br/&gt;&lt;br/&gt;If you selected Prompt in the drop-down box, users are asked to choose whether to allow VBScript to run.&lt;br/&gt;&lt;br/&gt;If you selected Disable in the drop-down box, VBScript is prevented from running.&lt;br/&gt;&lt;br/&gt;If you do not configure or disable this policy setting, VBScript is prevented from running." gpmc_supported="At least Internet Explorer 11.0">Allow VBScript to run in Internet Explorer</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Allow VBScript to run in Internet Explorer</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Automatic prompting for file downloads" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting determines whether users will be prompted for non user-initiated file downloads. Regardless of this setting, users will receive file download dialogs for user-initiated downloads.&lt;br/&gt;&lt;br/&gt;If you enable this setting, users will receive a file download dialog for automatic download attempts.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this setting, file downloads that are not user-initiated will be blocked, and users will see the Notification bar instead of the file download dialog. Users can then click the Notification bar to allow the file download prompt." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Automatic prompting for file downloads</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Automatic prompting for file downloads</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Don&amp;#39;t run antimalware programs against ActiveX controls" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting determines whether Internet Explorer runs antimalware programs against ActiveX controls, to check if they&amp;#39;re safe to load on pages.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, Internet Explorer won&amp;#39;t check with your antimalware program to see if it&amp;#39;s safe to create an instance of the ActiveX control.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, Internet Explorer always checks with your antimalware program to see if it&amp;#39;s safe to create an instance of the ActiveX control.&lt;br/&gt;&lt;br/&gt;If you don&amp;#39;t configure this policy setting, Internet Explorer always checks with your antimalware program to see if it&amp;#39;s safe to create an instance of the ActiveX control. Users can turn this behavior on or off, using Internet Explorer Security settings." gpmc_supported="At least Internet Explorer 11.0">Don&#39;t run antimalware programs against ActiveX controls</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Don&#39;t run antimalware programs against ActiveX controls</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Download signed ActiveX controls" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage whether users may download signed ActiveX controls from a page in the zone.&lt;br/&gt;&lt;br/&gt;If you enable this policy, users can download signed controls without user intervention. If you select Prompt in the drop-down box, users are queried whether to download controls signed by publishers who aren&amp;#39;t trusted. Code signed by trusted publishers is silently downloaded.&lt;br/&gt;&lt;br/&gt;If you disable the policy setting, signed controls cannot be downloaded.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, signed controls cannot be downloaded." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Download signed ActiveX controls</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Download signed ActiveX controls</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Download unsigned ActiveX controls" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage whether users may download unsigned ActiveX controls from the zone. Such code is potentially harmful, especially when coming from an untrusted zone.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, users can run unsigned controls without user intervention. If you select Prompt in the drop-down box, users are queried to choose whether to allow the unsigned control to run.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, users cannot run unsigned controls.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, users cannot run unsigned controls." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Download unsigned ActiveX controls</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Download unsigned ActiveX controls</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Enable dragging of content from different domains across windows" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to set options for dragging content from one domain to a different domain when the source and destination are in different windows.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting and click Enable, users can drag content from one domain to a different domain when the source and destination are in different windows. Users cannot change this setting.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting and click Disable, users cannot drag content from one domain to a different domain when both the source and destination are in different windows. Users cannot change this setting.&lt;br/&gt;&lt;br/&gt;In Internet Explorer 10, if you disable this policy setting or do not configure it, users cannot drag content from one domain to a different domain when the source and destination are in different windows. Users can change this setting in the Internet Options dialog.&lt;br/&gt;&lt;br/&gt;In Internet Explorer 9 and earlier versions, if you disable this policy or do not configure it, users can drag content from one domain to a different domain when the source and destination are in different windows. Users cannot change this setting." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Enable dragging of content from different domains across windows</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Enable dragging of content from different domains across windows</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Enable dragging of content from different domains within a window" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to set options for dragging content from one domain to a different domain when the source and destination are in the same window.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting and click Enable, users can drag content from one domain to a different domain when the source and destination are in the same window. Users cannot change this setting.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting and click Disable, users cannot drag content from one domain to a different domain when the source and destination are in the same window. Users cannot change this setting in the Internet Options dialog.&lt;br/&gt;&lt;br/&gt;In Internet Explorer 10, if you disable this policy setting or do not configure it, users cannot drag content from one domain to a different domain when the source and destination are in the same window. Users can change this setting in the Internet Options dialog.&lt;br/&gt;&lt;br/&gt;In Internet Explorer 9 and earlier versions, if you disable this policy setting or do not configure it, users can drag content from one domain to a different domain when the source and destination are in the same window. Users cannot change this setting in the Internet Options dialog." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Enable dragging of content from different domains within a window</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Enable dragging of content from different domains within a window</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Include local path when user is uploading files to a server" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting controls whether or not local path information is sent when the user is uploading a file via an HTML form. If the local path information is sent, some information may be unintentionally revealed to the server. For instance, files sent from the user&amp;#39;s desktop may contain the user name as a part of the path.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, path information is sent when the user is uploading a file via an HTML form.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, path information is removed when the user is uploading a file via an HTML form.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, the user can choose whether path information is sent when he or she is uploading a file via an HTML form. By default, path information is sent." gpmc_supported="At least Internet Explorer 7.0">Include local path when user is uploading files to a server</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Include local directory path when uploading files to a server</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Initialize and script ActiveX controls not marked as safe" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage ActiveX controls not marked as safe.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, ActiveX controls are run, loaded with parameters, and scripted without setting object safety for untrusted data or scripts. This setting is not recommended, except for secure and administered zones. This setting causes both unsafe and safe controls to be initialized and scripted, ignoring the Script ActiveX controls marked safe for scripting option.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting and select Prompt in the drop-down box, users are queried whether to allow the control to be loaded with parameters or scripted.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, ActiveX controls that cannot be made safe are not loaded with parameters or scripted.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, ActiveX controls that cannot be made safe are not loaded with parameters or scripted." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Initialize and script ActiveX controls not marked as safe</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Initialize and script ActiveX controls not marked as safe</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Java permissions" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage permissions for Java applets.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, you can choose options from the drop-down box. Custom, to control permissions settings individually.&lt;br/&gt;&lt;br/&gt;Low Safety enables applets to perform all operations.&lt;br/&gt;&lt;br/&gt;Medium Safety enables applets to run in their sandbox (an area in memory outside of which the program cannot make calls), plus capabilities like scratch space (a safe and secure storage area on the client computer) and user-controlled file I/O.&lt;br/&gt;&lt;br/&gt;High Safety enables applets to run in their sandbox. Disable Java to prevent any applets from running.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, Java applets cannot run.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, Java applets are disabled." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Java permissions</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Java permissions</td><td>Disable Java</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Launching applications and files in an IFRAME" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage whether applications may be run and files may be downloaded from an IFRAME reference in the HTML of the pages in this zone.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, users can run applications and download files from IFRAMEs on the pages in this zone without user intervention. If you select Prompt in the drop-down box, users are queried to choose whether to run applications and download files from IFRAMEs on the pages in this zone.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, users are prevented from running applications and downloading files from IFRAMEs on the pages in this zone.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, users are prevented from running applications and downloading files from IFRAMEs on the pages in this zone." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Launching applications and files in an IFRAME</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Launching applications and files in an IFRAME</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Logon options" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage settings for logon options.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, you can choose from the following logon options.&lt;br/&gt;&lt;br/&gt;Anonymous logon to disable HTTP authentication and use the guest account only for the Common Internet File System (CIFS) protocol.&lt;br/&gt;&lt;br/&gt;Prompt for user name and password to query users for user IDs and passwords. After a user is queried, these values can be used silently for the remainder of the session.&lt;br/&gt;&lt;br/&gt;Automatic logon only in Intranet zone to query users for user IDs and passwords in other zones. After a user is queried, these values can be used silently for the remainder of the session.&lt;br/&gt;&lt;br/&gt;Automatic logon with current user name and password to attempt logon using Windows NT Challenge Response (also known as NTLM authentication). If Windows NT Challenge Response is supported by the server, the logon uses the user&amp;#39;s network user name and password for logon. If Windows NT Challenge Response is not supported by the server, the user is queried to provide the user name and password.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, logon is set to Automatic logon only in Intranet zone.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, logon is set to Prompt for username and password." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Logon options</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Logon options</td><td>Anonymous logon</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Navigate windows and frames across different domains" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage the opening of windows and frames and access of applications across different domains.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, users can open additional windows and frames from other domains and access applications from other domains. If you select Prompt in the drop-down box, users are queried whether to allow additional windows and frames to access applications from other domains.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, users cannot open other windows and frames from other domains or access applications from different domains.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, users cannot open other windows and frames from different domains or access applications from different domains." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Navigate windows and frames across different domains</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Navigate windows and frames across different domains</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Run .NET Framework-reliant components not signed with Authenticode" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage whether .NET Framework components that are not signed with Authenticode can be executed from Internet Explorer. These components include managed controls referenced from an object tag and managed executables referenced from a link.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, Internet Explorer will execute unsigned managed components. If you select Prompt in the drop-down box, Internet Explorer will prompt the user to determine whether to execute unsigned managed components.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, Internet Explorer will not execute unsigned managed components.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, Internet Explorer will not execute unsigned managed components." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Run .NET Framework-reliant components not signed with Authenticode</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Run .NET Framework-reliant components not signed with Authenticode</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Run .NET Framework-reliant components signed with Authenticode" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage whether .NET Framework components that are signed with Authenticode can be executed from Internet Explorer. These components include managed controls referenced from an object tag and managed executables referenced from a link.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, Internet Explorer will execute signed managed components. If you select Prompt in the drop-down box, Internet Explorer will prompt the user to determine whether to execute signed managed components.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, Internet Explorer will not execute signed managed components.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, Internet Explorer will not execute signed managed components." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Run .NET Framework-reliant components signed with Authenticode</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Run .NET Framework-reliant components signed with Authenticode</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Run ActiveX controls and plugins" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage whether ActiveX controls and plug-ins can be run on pages from the specified zone.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, controls and plug-ins can run without user intervention.&lt;br/&gt;&lt;br/&gt;If you selected Prompt in the drop-down box, users are asked to choose whether to allow the controls or plug-in to run.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, controls and plug-ins are prevented from running.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, controls and plug-ins are prevented from running." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Run ActiveX controls and plugins</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Run ActiveX controls and plugins</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Script ActiveX controls marked safe for scripting" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage whether an ActiveX control marked safe for scripting can interact with a script.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, script interaction can occur automatically without user intervention.&lt;br/&gt;&lt;br/&gt;If you select Prompt in the drop-down box, users are queried to choose whether to allow script interaction.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, script interaction is prevented from occurring.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, script interaction is prevented from occurring." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Script ActiveX controls marked safe for scripting</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Script ActiveX controls marked safe for scripting</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Scripting of Java applets" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage whether applets are exposed to scripts within the zone.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, scripts can access applets automatically without user intervention.&lt;br/&gt;&lt;br/&gt;If you select Prompt in the drop-down box, users are queried to choose whether to allow scripts to access applets.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, scripts are prevented from accessing applets.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, scripts are prevented from accessing applets." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Scripting of Java applets</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Scripting of Java applets</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Show security warning for potentially unsafe files" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting controls whether or not the &amp;quot;Open File - Security Warning&amp;quot; message appears when the user tries to open executable files or other potentially unsafe files (from an intranet file share by using File Explorer, for example).&lt;br/&gt;&lt;br/&gt;If you enable this policy setting and set the drop-down box to Enable, these files open without a security warning. If you set the drop-down box to Prompt, a security warning appears before the files open.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, these files do not open.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, the user can configure how the computer handles these files. By default, these files are blocked in the Restricted zone, enabled in the Intranet and Local Computer zones, and set to prompt in the Internet and Trusted zones." gpmc_supported="At least Internet Explorer 7.0">Show security warning for potentially unsafe files</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Launching programs and unsafe files</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Turn on Cross-Site Scripting Filter" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy controls whether or not the Cross-Site Scripting (XSS) Filter will detect and prevent cross-site script injections into websites in this zone.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, the XSS Filter is turned on for sites in this zone, and the XSS Filter attempts to block cross-site script injections.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, the XSS Filter is turned off for sites in this zone, and Internet Explorer permits cross-site script injections." gpmc_supported="At least Internet Explorer 8.0">Turn on Cross-Site Scripting Filter</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Turn on Cross-Site Scripting (XSS) Filter</td><td>Enable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Turn on Protected Mode" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to turn on Protected Mode. Protected Mode helps protect Internet Explorer from exploited vulnerabilities by reducing the locations that Internet Explorer can write to in the registry and the file system.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, Protected Mode is turned on. The user cannot turn off Protected Mode.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, Protected Mode is turned off. The user cannot turn on Protected Mode.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, the user can turn on or turn off Protected Mode." gpmc_supported="At least Internet Explorer 7.0 in Windows Vista">Turn on Protected Mode</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Protected Mode</td><td>Enable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Turn on SmartScreen Filter scan" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting controls whether SmartScreen Filter scans pages in this zone for malicious content.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, SmartScreen Filter scans pages in this zone for malicious content.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, SmartScreen Filter does not scan pages in this zone for malicious content.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, the user can choose whether SmartScreen Filter scans pages in this zone for malicious content.&lt;br/&gt;&lt;br/&gt;Note: In Internet Explorer 7, this policy setting controls whether Phishing Filter scans pages in this zone for malicious content." gpmc_supported="At least Internet Explorer 7.0">Turn on SmartScreen Filter scan</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Use SmartScreen Filter</td><td>Enable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Use Pop-up Blocker" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage whether unwanted pop-up windows appear. Pop-up windows that are opened when the end user clicks a link are not blocked.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, most unwanted pop-up windows are prevented from appearing.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, pop-up windows are not prevented from appearing.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, most unwanted pop-up windows are prevented from appearing." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Use Pop-up Blocker</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Use Pop-up Blocker</td><td>Enable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Userdata persistence" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage the preservation of information in the browser&amp;#39;s history, in favorites, in an XML store, or directly within a Web page saved to disk. When a user returns to a persisted page, the state of the page can be restored if this policy setting is appropriately configured.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, users can preserve information in the browser&amp;#39;s history, in favorites, in an XML store, or directly within a Web page saved to disk.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, users cannot preserve information in the browser&amp;#39;s history, in favorites, in an XML store, or directly within a Web page saved to disk.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, users cannot preserve information in the browser&amp;#39;s history, in favorites, in an XML store, or directly within a Web page saved to disk." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Userdata persistence</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Userdata persistence</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Web sites in less privileged Web content zones can navigate into this zone" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage whether Web sites from less privileged zones, such as Internet sites, can navigate into this zone.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, Web sites from less privileged zones can open new windows in, or navigate into, this zone. The security zone will run without the added layer of security that is provided by the Protection from Zone Elevation security feature. If you select Prompt in the drop-down box, a warning is issued to the user that potentially risky navigation is about to occur.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, the possibly harmful navigations are prevented. The Internet Explorer security feature will be on in this zone as set by Protection from Zone Elevation feature control.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, the possibly harmful navigations are prevented. The Internet Explorer security feature will be on in this zone as set by Protection from Zone Elevation feature control." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Web sites in less privileged Web content zones can navigate into this zone</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Web sites in less privileged Web content zones can navigate into this zone</td><td>Disable</td></tr>
</table></td></tr></table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Internet Explorer/Internet Control Panel/Security Page/Trusted Sites Zone</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Don&amp;#39;t run antimalware programs against ActiveX controls" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Trusted Sites Zone" gpmc_settingDescription="This policy setting determines whether Internet Explorer runs antimalware programs against ActiveX controls, to check if they&amp;#39;re safe to load on pages.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, Internet Explorer won&amp;#39;t check with your antimalware program to see if it&amp;#39;s safe to create an instance of the ActiveX control.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, Internet Explorer always checks with your antimalware program to see if it&amp;#39;s safe to create an instance of the ActiveX control.&lt;br/&gt;&lt;br/&gt;If you don&amp;#39;t configure this policy setting, Internet Explorer won&amp;#39;t check with your antimalware program to see if it&amp;#39;s safe to create an instance of the ActiveX control. Users can turn this behavior on or off, using Internet Explorer Security settings." gpmc_supported="At least Internet Explorer 11.0">Don&#39;t run antimalware programs against ActiveX controls</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Don&#39;t run antimalware programs against ActiveX controls</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Initialize and script ActiveX controls not marked as safe" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Trusted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage ActiveX controls not marked as safe.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, ActiveX controls are run, loaded with parameters, and scripted without setting object safety for untrusted data or scripts. This setting is not recommended, except for secure and administered zones. This setting causes both unsafe and safe controls to be initialized and scripted, ignoring the Script ActiveX controls marked safe for scripting option.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting and select Prompt in the drop-down box, users are queried whether to allow the control to be loaded with parameters or scripted.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, ActiveX controls that cannot be made safe are not loaded with parameters or scripted.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, users are queried whether to allow the control to be loaded with parameters or scripted." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Initialize and script ActiveX controls not marked as safe</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Initialize and script ActiveX controls not marked as safe</td><td>Disable</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Java permissions" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/Trusted Sites Zone" gpmc_settingDescription="This policy setting allows you to manage permissions for Java applets.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, you can choose options from the drop-down box. Custom, to control permissions settings individually.&lt;br/&gt;&lt;br/&gt;Low Safety enables applets to perform all operations.&lt;br/&gt;&lt;br/&gt;Medium Safety enables applets to run in their sandbox (an area in memory outside of which the program cannot make calls), plus capabilities like scratch space (a safe and secure storage area on the client computer) and user-controlled file I/O.&lt;br/&gt;&lt;br/&gt;High Safety enables applets to run in their sandbox. Disable Java to prevent any applets from running.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, Java applets cannot run.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, the permission is set to Low Safety." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Java permissions</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Java permissions</td><td>High safety</td></tr>
</table></td></tr></table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Internet Explorer/Security Features</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow fallback to SSL 3.0 (Internet Explorer)" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Security Features" gpmc_settingDescription="This policy setting allows you to block an insecure fallback to SSL 3.0. When this policy is enabled, Internet Explorer will attempt to connect to sites using SSL 3.0 or below when TLS 1.0 or greater fails.&lt;br/&gt;&lt;br/&gt;We recommend that you do not allow insecure fallback in order to prevent a man-in-the-middle attack.&lt;br/&gt;&lt;br/&gt;This policy does not affect which security protocols are enabled.&lt;br/&gt;&lt;br/&gt;If you disable this policy, system defaults will be used.&lt;br/&gt;" gpmc_supported="At least Internet Explorer 7.0">Allow fallback to SSL 3.0 (Internet Explorer)</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Allow insecure fallback for:</td><td>No Sites</td></tr>
</table></td></tr></table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Internet Explorer/Security Features/Add-on Management</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Remove &amp;quot;Run this time&amp;quot; button for outdated ActiveX controls in Internet Explorer " gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Security Features/Add-on Management" gpmc_settingDescription="This policy setting allows you to stop users from seeing the &amp;quot;Run this time&amp;quot; button and from running specific outdated ActiveX controls in Internet Explorer.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, users won&amp;#39;t see the &amp;quot;Run this time&amp;quot; button on the warning message that appears when Internet Explorer blocks an outdated ActiveX control.&lt;br/&gt;&lt;br/&gt;If you disable or don&amp;#39;t configure this policy setting, users will see the &amp;quot;Run this time&amp;quot; button on the warning message that appears when Internet Explorer blocks an outdated ActiveX control. Clicking this button lets the user run the outdated ActiveX control once.&lt;br/&gt;&lt;br/&gt;For more information, see &amp;quot;Outdated ActiveX Controls&amp;quot; in the Internet Explorer TechNet library." gpmc_supported="At least Internet Explorer 8.0">Remove &quot;Run this time&quot; button for outdated ActiveX controls in Internet Explorer </span></td><td>Enabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Turn off blocking of outdated ActiveX controls for Internet Explorer" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Security Features/Add-on Management" gpmc_settingDescription="This policy setting determines whether Internet Explorer blocks specific outdated ActiveX controls. Outdated ActiveX controls are never blocked in the Intranet Zone.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, Internet Explorer stops blocking outdated ActiveX controls.&lt;br/&gt;&lt;br/&gt;If you disable or don&amp;#39;t configure this policy setting, Internet Explorer continues to block specific outdated ActiveX controls.&lt;br/&gt;&lt;br/&gt;For more information, see &amp;quot;Outdated ActiveX Controls&amp;quot; in the Internet Explorer TechNet library." gpmc_supported="At least Internet Explorer 8.0">Turn off blocking of outdated ActiveX controls for Internet Explorer</span></td><td>Disabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Internet Explorer/Security Features/Consistent Mime Handling</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Internet Explorer Processes" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Security Features/Consistent Mime Handling" gpmc_settingDescription="Internet Explorer uses Multipurpose Internet Mail Extensions (MIME) data to determine file handling procedures for files received through a Web server.&lt;br/&gt;&lt;br/&gt;This policy setting determines whether Internet Explorer requires that all file-type information provided by Web servers be consistent. For example, if the MIME type of a file is text/plain but the MIME sniff indicates that the file is really an executable file, Internet Explorer renames the file by saving it in the Internet Explorer cache and changing its extension.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, Internet Explorer requires consistent MIME data for all received files.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, Internet Explorer will not require consistent MIME data for all received files.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, Internet Explorer requires consistent MIME data for all received files." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Internet Explorer Processes</span></td><td>Enabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Internet Explorer/Security Features/Mime Sniffing Safety Feature</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Internet Explorer Processes" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Security Features/Mime Sniffing Safety Feature" gpmc_settingDescription="This policy setting determines whether Internet Explorer MIME sniffing will prevent promotion of a file of one type to a more dangerous file type.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, MIME sniffing will never promote a file of one type to a more dangerous file type.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, Internet Explorer processes will allow a MIME sniff promoting a file of one type to a more dangerous file type.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, MIME sniffing will never promote a file of one type to a more dangerous file type." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Internet Explorer Processes</span></td><td>Enabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Internet Explorer/Security Features/MK Protocol Security Restriction</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Internet Explorer Processes" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Security Features/MK Protocol Security Restriction" gpmc_settingDescription="The MK Protocol Security Restriction policy setting reduces attack surface area by preventing the MK protocol. Resources hosted on the MK protocol will fail.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, the MK Protocol is prevented for File Explorer and Internet Explorer, and resources hosted on the MK protocol will fail.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, applications can use the MK protocol API. Resources hosted on the MK protocol will work for the File Explorer and Internet Explorer processes.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, the MK Protocol is prevented for File Explorer and Internet Explorer, and resources hosted on the MK protocol will fail." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Internet Explorer Processes</span></td><td>Enabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Internet Explorer/Security Features/Notification bar</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Internet Explorer Processes" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Security Features/Notification bar" gpmc_settingDescription="This policy setting allows you to manage whether the Notification bar is displayed for Internet Explorer processes when file or code installs are restricted. By default, the Notification bar is displayed for Internet Explorer processes.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, the Notification bar will be displayed for Internet Explorer Processes.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, the Notification bar will not be displayed for Internet Explorer processes.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, the Notification bar will be displayed for Internet Explorer Processes." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Internet Explorer Processes</span></td><td>Enabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Internet Explorer/Security Features/Protection From Zone Elevation</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Internet Explorer Processes" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Security Features/Protection From Zone Elevation" gpmc_settingDescription="Internet Explorer places restrictions on each Web page it opens. The restrictions are dependent upon the location of the Web page (Internet, Intranet, Local Machine zone, etc.). Web pages on the local computer have the fewest security restrictions and reside in the Local Machine zone, making the Local Machine security zone a prime target for malicious users. Zone Elevation also disables JavaScript navigation if there is no security context.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, any zone can be protected from zone elevation by Internet Explorer processes.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, no zone receives such protection for Internet Explorer processes.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, any zone can be protected from zone elevation by Internet Explorer processes." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Internet Explorer Processes</span></td><td>Enabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Internet Explorer/Security Features/Restrict ActiveX Install</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Internet Explorer Processes" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Security Features/Restrict ActiveX Install" gpmc_settingDescription="This policy setting enables blocking of ActiveX control installation prompts for Internet Explorer processes.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, prompting for ActiveX control installations will be blocked for Internet Explorer processes.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, prompting for ActiveX control installations will not be blocked for Internet Explorer processes.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, the user&amp;#39;s preference will be used to determine whether to block ActiveX control installations for Internet Explorer processes." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Internet Explorer Processes</span></td><td>Enabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Internet Explorer/Security Features/Restrict File Download</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Internet Explorer Processes" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Security Features/Restrict File Download" gpmc_settingDescription="This policy setting enables blocking of file download prompts that are not user initiated.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, file download prompts that are not user initiated will be blocked for Internet Explorer processes.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, prompting will occur for file downloads that are not user initiated for Internet Explorer processes.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, the user&amp;#39;s preference determines whether to prompt for file downloads that are not user initiated for Internet Explorer processes." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Internet Explorer Processes</span></td><td>Enabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Internet Explorer/Security Features/Scripted Window Security Restrictions</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Internet Explorer Processes" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Security Features/Scripted Window Security Restrictions" gpmc_settingDescription="Internet Explorer allows scripts to programmatically open, resize, and reposition windows of various types. The Window Restrictions security feature restricts popup windows and prohibits scripts from displaying windows in which the title and status bars are not visible to the user or obfuscate other Windows&amp;#39; title and status bars.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, popup windows and other restrictions apply for File Explorer and Internet Explorer processes.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, scripts can continue to create popup windows and windows that obfuscate other windows.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, popup windows and other restrictions apply for File Explorer and Internet Explorer processes." gpmc_supported="At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1">Internet Explorer Processes</span></td><td>Enabled</td><td></td></tr>
</table>
</div></div></div></div></div>
<div class="filler"></div>
<div class="he0_expanded"><span class="sectionTitle" tabindex="0">User Configuration (Disabled)</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i">No settings defined.</div></div>
</body></html>