Policy

All Processes

Microsoft Windows

Back to Protection From Zone ElevationBack to main
All Processes
Jump to overview

Policy overview

Key metadata and intent for this policy.

Category
Windows Components > Internet Explorer > Security Features > Protection From Zone Elevation
Supported on
At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1

Supported OS tags: Windows10, Windows10RT, Windows11, Windows7, Windows8, Windows81, WindowsRT, WindowsRT81, WindowsServer2003, WindowsServer2008, WindowsServer2012, WindowsServer2012R2, WindowsServer2016, WindowsVista, WindowsXP

Internet Explorer places restrictions on each Web page it opens. The restrictions are dependent upon the location of the Web page (Internet, Intranet, Local Machine zone, and so on). For example, Web pages on the local computer have the fewest security restrictions and reside in the Local Machine zone, making the Local Machine security zone a prime target for malicious users. If you enable this policy setting, any zone can be protected from zone elevation for all processes. If you disable or do not configure this policy setting, processes other than Internet Explorer or those listed in the Process List receive no such protection.

Internal name
IESF_PolicyAllProcesses_9
Policy ID
ae0d66f0fae0
Elements
0

Registry values

How enabled and disabled states update the registry.

ScopeRegistry locationTypeEnabled valueDisabled valueCopy
Path
Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION
Value name
*
REG_SZ
HKLM
1
HKCU
1
HKLM
0
HKCU
0
Registry location
Type REG_SZ · Both
Path
Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION
Value name
*
Hive
HKLM
Enabled value
1
Disabled value
0
Hive
HKCU
Enabled value
1
Disabled value
0

Policy elements

Inputs and configuration options exposed by this policy.

This policy has no additional user input fields.