Internet Explorer Processes - FEATURE_DISABLE_MK_PROTOCOL - explorer.exe

Information

The MK Protocol Security Restriction policy setting reduces attack surface area by preventing the MK protocol. Resources hosted on the MK protocol will fail.
If you enable this policy setting, the MK Protocol is prevented for File Explorer and Internet Explorer, and resources hosted on the MK protocol will fail.
If you disable this policy setting, applications can use the MK protocol API. Resources hosted on the MK protocol will work for the File Explorer and Internet Explorer processes.
If you do not configure this policy setting, the MK Protocol is prevented for File Explorer and Internet Explorer, and resources hosted on the MK protocol will fail.

Solution

Policy Path: Windows Components\Internet Explorer\Security Features\MK Protocol Security Restriction
Policy Setting Name: Internet Explorer Processes

See Also

https://techcommunity.microsoft.com/t5/microsoft-security-baselines/security-baseline-final-windows-10-and-windows-server-version/ba-p/1543631

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7a., CSCv6|3.1

Plugin: Windows

Control ID: eefe9fa49d968fa0d98be71f8a48b14d178235a19448af0f07fbefb9ae32eb5b