Policy
All Processes
Microsoft Windows
Policy overview
Key metadata and intent for this policy.
Supported OS tags: Windows10, Windows10RT, Windows11, Windows7, Windows8, Windows81, WindowsRT, WindowsRT81, WindowsServer2003, WindowsServer2008, WindowsServer2012, WindowsServer2012R2, WindowsServer2016, WindowsVista, WindowsXP
Internet Explorer places zone restrictions on each Web page it opens, which are dependent upon the location of the Web page (Internet, Intranet, Local Machine zone, etc.). Web pages on the local computer have the fewest security restrictions and reside in the Local Machine zone. Local Machine zone security applies to all local files and content. This feature helps to mitigate attacks where the Local Machine zone is used as an attack vector to load malicious HTML code. If you enable this policy setting, the Local Machine zone security applies to all local files and content processed by any process other than Internet Explorer or those defined in a process list. If you disable or do not configure this policy setting, Local Machine zone security is not applied to local files or content processed by any process other than Internet Explorer or those defined in a process list.
Registry values
How enabled and disabled states update the registry.
| Scope | Registry location | Type | Enabled value | Disabled value | Copy |
|---|---|---|---|---|---|
Path Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN Value name * | REG_SZ | HKLM 1 HKCU 1 | HKLM 0 HKCU 0 |
Policy elements
Inputs and configuration options exposed by this policy.
This policy has no additional user input fields.