1.3 Enable 'Prevent users from bypassing SmartScreen Filter's application reputation warnings about files that are not commonly downloaded'

Information

*Description*

The SmartScreen Filter warns users about executable files that are not commonly
downloaded from the Internet by Internet Explorer users.
If you enable this policy setting, the user is blocked by SmartScreen Filter warnings.
If you disable this policy setting or do not configure it, the user can ignore SmartScreen
Filter warnings. The recommended state for this setting is- Enabled.

*Rationale*

This setting is important from a security perspective because Microsoft has extensive data
illustrating the positive impact the SmartScreen filter has had on reducing the risk of
malware infection via visiting malicious websites.

Solution

To implement the recommended configuration state, set the following Group Policy setting
to Enabled.

Computer Configuration\Administrative Templates\Windows Components\Internet
Explorer\Prevent users from bypassing SmartScreen Filter's application reputation
warnings about files that are not commonly downloaded from the Internet

Impact-If you enable this policy setting, the user is blocked by SmartScreen Filter warnings. If you
disable this policy setting or do not configure it, the user can ignore SmartScreen Filter
warnings.

See Also

https://workbench.cisecurity.org/files/1516

Item Details

Audit Name: CIS IE 9 v1.0.0

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-18(3)

Plugin: Windows

Control ID: fcbd2a42a7303b9c925a09f82f7a7fd57f351c964a56dde6d4acb8bb90daa90d