Information
This policy setting allows you to manage whether the Notification bar is displayed for
Internet Explorer processes when file or code installs are restricted. By default, the
Notification bar is displayed for Internet Explorer processes. If you enable this policy
setting, the Notification bar will be displayed for Internet Explorer Processes. If you
disable this policy setting, the Notification bar will not be displayed for Internet Explorer
processes. If you do not configure this policy setting, the Notification bar will be displayed
for Internet Explorer Processes. The recommended state for this setting is- Enabled.
*Rationale*
There's no known vulnerability at this time, however information displayed in the
Notification Bar may help users to understand why files or code installs are restricted.
Solution
To establish the recommended configuration via Group Policy, set the following UI path to
Enabled.
Computer Configuration\Administrative Templates\Windows Components\Internet
Explorer\Security Features\Notification bar\Internet Explorer Processes
Default Value-Enabled