Information
*Description*
This policy setting allows you to manage whether file downloads are permitted from the
zone. This option is determined by the zone of the page with the link causing the download,
not the zone from which the file is delivered. The recommended state for this setting is-
Enabled-Disable.
*Rationale*
Sites located in the Restricted Sites Zone are more likely to contain malicious payloads and
therefor downloads from this zone should be blocked.
Solution
To implement the recommended configuration state, set the following Group Policy setting
to Enabled.
Computer Configuration\Administrative Templates\Windows Components\Internet
Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Allow file
downloads\Allow file downloads
Then set the Allow file downloads option to Disable.
Impact-If you enable this policy setting, files can be downloaded from the zone. If you disable this
policy setting, files are prevented from being downloaded from the zone. If you do not
configure this policy setting, files are prevented from being downloaded from the zone.