Turn on Enhanced Protected Mode

Information

Enhanced Protected Mode provides additional protection against malicious websites by using 64-bit processes on 64-bit versions of Windows. For computers running at least Windows 8, Enhanced Protected Mode also limits the locations Internet Explorer can read from in the registry and the file system.
If you enable this policy setting, Enhanced Protected Mode will be turned on. Any zone that has Protected Mode enabled will use Enhanced Protected Mode. Users will not be able to disable Enhanced Protected Mode.
If you disable this policy setting, Enhanced Protected Mode will be turned off. Any zone that has Protected Mode enabled will use the version of Protected Mode introduced in Internet Explorer 7 for Windows Vista.
If you do not configure this policy, users will be able to turn on or turn off Enhanced Protected Mode on the Advanced tab of the Internet Options dialog.

Solution

Policy Path: Windows Components\Internet Explorer\Internet Control Panel\Advanced Page
Policy Setting Name: Turn on Enhanced Protected Mode

See Also

https://techcommunity.microsoft.com/t5/microsoft-security-baselines/windows-10-version-22h2-security-baseline/ba-p/3655724

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-3

Plugin: Windows

Control ID: ea2a6e9df981573a47713d29312c125f5c68735f479733ef187042553e5a551e