8.3.41 Set 'Launching applications and files in an IFRAME' to 'Enabled:Disable'

Information



This policy setting allows you to manage whether applications may be run and files may be
downloaded from an IFRAME reference in the HTML of the pages in this zone. The
recommended state for this setting is- Enabled-Disable.

*Rationale*

If you enable this policy setting, applications can run and files can be downloaded from
IFRAMEs on the pages in this zone without user intervention.

Solution

To establish the recommended configuration via Group Policy, set the following UI path to
Enabled.

Computer Configuration\Administrative Templates\Windows Components\Internet
Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Launching
applications and files in an IFRAMEThen set the Launching applications and files in an IFRAME option to Disable.


Impact-If you enable this policy setting, users can run applications and download files from
IFRAMEs on the pages in this zone without user intervention. If you select Prompt in the
drop-down box, users are queried to choose whether to run applications and download
files from IFRAMEs on the pages in this zone. If you disable this policy setting, users are
prevented from running applications and downloading files from IFRAMEs on the pages in
this zone. If you do not configure this policy setting, users are queried to choose whether to
run applications and download files from IFRAMEs on the pages in this zone.

Default Value-Disabled

See Also

https://workbench.cisecurity.org/files/1518

Item Details

Audit Name: CIS IE 11 v1.0.0

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7a.

Plugin: Windows

Control ID: 515d6eeb8c0b1024ea505f56ec2b7cb223639cf519e1d6e063050040037b6d21