Internet Explorer Processes

The MK Protocol Security Restriction policy setting reduces attack surface area by preventing the MK protocol. Resources hosted on the MK protocol will fail.

If you enable this policy setting, the MK Protocol is prevented for File Explorer and Internet Explorer, and resources hosted on the MK protocol will fail.

If you disable this policy setting, applications can use the MK protocol API. Resources hosted on the MK protocol will work for the File Explorer and Internet Explorer processes.

If you do not configure this policy setting, the MK Protocol is prevented for File Explorer and Internet Explorer, and resources hosted on the MK protocol will fail.

Supported on: At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1

Enable policy:
Registry PathValue NameValue TypeValue
Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL(Reserved)REG_SZ1
Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOLexplorer.exeREG_SZ1
Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOLiexplore.exeREG_SZ1
Disable Policy:
Registry HiveRegistry PathValue NameValue TypeValue
HKEY_LOCAL_MACHINE or HKEY_CURRENT_USERSoftware\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL(Reserved)REG_SZ0
HKEY_LOCAL_MACHINE or HKEY_CURRENT_USERSoftware\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOLexplorer.exeREG_SZ0
HKEY_LOCAL_MACHINE or HKEY_CURRENT_USERSoftware\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOLiexplore.exeREG_SZ0

inetres.admx

Administrative Templates (Computers)

Administrative Templates (Users)