Information
*Description*
This policy setting allows the user to enable the SmartScreen Filter, which will warn if the
Web site being visited is known for fraudulent attempts to gather personal information
through 'phishing,' or is known to host malware.
If you enable this policy setting, the user will not be prompted to enable the SmartScreen
Filter. You must specify which mode the SmartScreen Filter uses- on, or off.
If the feature is on, all website addresses not contained on the filter's allow list will be sent
automatically to Microsoft without prompting the user.
If the feature is off or you do not configure this policy setting, the user will be prompted to
decide the mode of operation for the SmartScreen Filter during the first run experience.
The recommended state for this setting is- Enabled-On.
*Rationale*
This setting is important from a security perspective because Microsoft has extensive data
illustrating the positive impact the SmartScreen filter has had on reducing the risk of
malware infection via visiting malicious websites.
Solution
To implement the recommended configuration state, set the following Group Policy setting
to Enabled.
Computer Configuration\Administrative Templates\Windows Components\Internet
Explorer\Turn off Managing SmartScreen Filter for Internet Explorer 9\Turn off
Managing SmartScreen Filter for Internet Explorer 9
Then set the Select SmartScreen Filter mode for Internet Explorer 9 option to On.
Impact-If you enable this policy setting, the user will not be prompted to enable the SmartScreen
Filter. You must specify which mode the SmartScreen Filter uses- on, or off. If the feature is
on, all website addresses not contained on the filter's allow list will be sent automatically to
Microsoft without prompting the user. If the feature is off or you do not configure this
policy setting, the user will be prompted to decide the mode of operation for the
SmartScreen Filter during the first run experience.