Policy
Internet Explorer Processes
Microsoft Windows
Policy overview
Key metadata and intent for this policy.
Supported OS tags: Windows10, Windows10RT, Windows11, Windows7, Windows8, Windows81, WindowsRT, WindowsRT81, WindowsServer2003, WindowsServer2008, WindowsServer2012, WindowsServer2012R2, WindowsServer2016, WindowsVista, WindowsXP
Internet Explorer places restrictions on each Web page it opens. The restrictions are dependent upon the location of the Web page (Internet, Intranet, Local Machine zone, etc.). Web pages on the local computer have the fewest security restrictions and reside in the Local Machine zone, making the Local Machine security zone a prime target for malicious users. Zone Elevation also disables JavaScript navigation if there is no security context. If you enable this policy setting, any zone can be protected from zone elevation by Internet Explorer processes. If you disable this policy setting, no zone receives such protection for Internet Explorer processes. If you do not configure this policy setting, any zone can be protected from zone elevation by Internet Explorer processes.
Registry values
How enabled and disabled states update the registry.
| Scope | Registry location | Type | Enabled value | Disabled value | Copy |
|---|---|---|---|---|---|
Path Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION Value name (Reserved) | REG_SZ | HKLM 1 HKCU 1 | HKLM 0 HKCU 0 | ||
Path Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION Value name explorer.exe | REG_SZ | HKLM 1 HKCU 1 | HKLM 0 HKCU 0 | ||
Path Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION Value name iexplore.exe | REG_SZ | HKLM 1 HKCU 1 | HKLM 0 HKCU 0 |
Policy elements
Inputs and configuration options exposed by this policy.
This policy has no additional user input fields.