Information
Internet Explorer allows scripts to programmatically open, resize, and reposition windows
of various types. The Window Restrictions security feature restricts popup windows and
prohibits scripts from displaying windows in which the title and status bars are not visible
to the user or obfuscate other Windows' title and status bars. If you enable this policy
setting, popup windows and other restrictions apply for File Explorer and Internet
Explorer processes. If you disable this policy setting, scripts can continue to create popup
windows and windows that obfuscate other windows. If you do not configure this policy
setting, popup windows and other restrictions apply for File Explorer and Internet
Explorer processes. The recommended state for this setting is- Enabled.
*Rationale*
The Internet Explorer Processes (Scripted Window Security Restrictions) setting restricts
pop-up windows and does not allow scripts to display windows in which the title and
status bars are not visible to the user or that hide other windows title and status bars.
When enabled, this policy setting help make it difficult for malicious Web sites to control
your Internet Explorer windows or fool users into clicking the wrong window.
Solution
To establish the recommended configuration via Group Policy, set the following UI path to
Enabled.
Computer Configuration\Administrative Templates\Windows Components\Internet
Explorer\Security Features\Scripted Window Security Restrictions\Internet Explorer
Processes
Default Value-Enabled