Admin-approved behaviors
For each zone, the Binary and Scripted Behavior security restrictions may be configured to allow only a list of admin-approved behaviors. This list may be configured here, and applies to all processes which have opted in to the behavior, and to all zones. (Behaviors are components that encapsulate specific functionality or behavior on a page.)
If you enable this policy setting, this sets the list of behaviors permitted in each zone for which Script and Binary Behaviors is set to 'admin-approved'. Behaviors must be entered in #package#behavior notation, e.g., #default#vml.
If you disable this policy setting, no behaviors will be allowed in zones set to 'admin-approved', just as if those zones were set to 'disable'.
If you do not configure this policy setting, only VML will be allowed in zones set to 'admin-approved'.
Note. If this policy is set in both Computer Configuration and User Configuration, both lists of behaviors will be allowed as appropriate.
支援的作業系統: 在 Windows XP 含 Service Pack 2 或 Windows Server 2003 含 Service Pack 1 至少需要 Internet Explorer 6.0
| Registry Hive | HKEY_LOCAL_MACHINE |
| Registry Path | Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings |
| Value Name | ListBox_Support_AllowedBehaviors |
| Value Type | REG_DWORD |
| Enabled Value | 1 |
| Disabled Value | 0 |
Enter the allowed behaviors here.
| Registry Hive | HKEY_LOCAL_MACHINE |
| Registry Path | Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedBehaviors |
| Value Name | {number} |
| Value Type | REG_SZ |
| Default Value |
inetres.admx
- Control Panel
- Regional and Language Options
- 使用者帳戶
- Network
- Background Intelligent Transfer Service (BITS)
- Allow BITS Peercaching
- Do not allow the BITS client to use Windows Branch Cache
- Do not allow the computer to act as a BITS Peercaching client
- Do not allow the computer to act as a BITS Peercaching server
- Limit the age of files in the BITS Peercache
- Limit the BITS Peercache size
- Limit the maximum BITS job download time
- Limit the maximum network bandwidth for BITS background transfers
- Limit the maximum network bandwidth used for Peercaching
- Limit the maximum number of BITS jobs for each user
- Limit the maximum number of BITS jobs for this computer
- Limit the maximum number of files allowed in a BITS job
- Limit the maximum number of ranges that can be added to the file in a BITS job
- Set up a maintenance schedule to limit the maximum network bandwidth used for BITS background transfers
- Set up a work schedule to limit the maximum network bandwidth used for BITS background transfers
- Timeout for inactive BITS jobs
- BranchCache
- DNS Client
- Allow DNS Suffix Appending to Unqualified Multi-Label Name Queries
- Connection-Specific DNS Suffix
- DNS Servers
- DNS Suffix Search List
- Dynamic Update
- Primary DNS Suffix Devolution Level
- Primary DNS Suffix Devolution
- Primary DNS Suffix
- Register DNS records with connection-specific DNS suffix
- Register PTR Records
- Registration Refresh Interval
- Replace Addresses In Conflicts
- TTL Set in the A and PTR records
- Turn off Multicast Name Resolution
- Update Security Level
- Update Top Level Domain Zones
- Lanman Server
- Microsoft 對等網路服務
- 對等名稱解析通訊協定
- 全域定域機組
- 站台-本機定域機組
- 連結-本機定域機組
- 停用對等群組的密碼強度驗證
- 關閉 Microsoft 對等網路服務
- 對等名稱解析通訊協定
- Network Connectivity Status Indicator
- Offline Files
- Action on server disconnect
- Administratively assigned offline files
- Allow or Disallow use of the Offline Files feature
- At logoff, delete local copy of user's offline files
- Configure Background Sync
- Configure slow-link mode
- Configure Slow link speed
- Default cache size
- Enable Transparent Caching
- Encrypt the Offline Files cache
- Event logging level
- Exclude files from being cached
- Files not cached
- Initial reminder balloon lifetime
- Limit disk space used by offline files
- Non-default server disconnect actions
- Prevent use of Offline Files folder
- Prohibit 'Make Available Offline' for these file and folders
- Prohibit user configuration of Offline Files
- Reminder balloon frequency
- Reminder balloon lifetime
- Remove 'Make Available Offline'
- Subfolders always available offline
- Synchronize all offline files before logging off
- Synchronize all offline files when logging on
- Synchronize offline files before suspend
- Turn off reminder balloons
- Turn on economical application of administratively assigned Offline Files
- QoS 封包排程器
- SNMP
- SSL 組態設定
- TCPIP Settings
- Windows Connect Now
- 網路連線
- Windows 防火牆
- 標準設定檔
- Windows 防火牆:不允許例外
- Windows 防火牆:保護所有網路連線
- Windows 防火牆:允許 ICMP 例外
- Windows 防火牆:允許本機程式例外
- Windows 防火牆:允許本機連接埠例外
- Windows 防火牆:允許記錄
- Windows 防火牆:允許輸入的 UPnP 架構例外
- Windows 防火牆:允許輸入的檔案和印表機共用例外
- Windows 防火牆:允許輸入的遠端桌面例外
- Windows 防火牆:允許輸入的遠端系統管理例外
- Windows 防火牆:定義輸入的程式例外
- Windows 防火牆:定義輸入的連接埠例外
- Windows 防火牆:禁止單點傳送回應到多點傳送或廣播要求
- Windows 防火牆:禁止通知
- 網域設定檔
- Windows 防火牆:不允許例外
- Windows 防火牆:保護所有網路連線
- Windows 防火牆:允許 ICMP 例外
- Windows 防火牆:允許本機程式例外
- Windows 防火牆:允許本機連接埠例外
- Windows 防火牆:允許記錄
- Windows 防火牆:允許輸入的 UPnP 架構例外
- Windows 防火牆:允許輸入的檔案和印表機共用例外
- Windows 防火牆:允許輸入的遠端桌面例外
- Windows 防火牆:允許輸入的遠端系統管理例外
- Windows 防火牆:定義輸入的程式例外
- Windows 防火牆:定義輸入的連接埠例外
- Windows 防火牆:禁止單點傳送回應到多點傳送或廣播要求
- Windows 防火牆:禁止通知
- Windows 防火牆:允許經過驗證的 IPSec 繞道
- 標準設定檔
- 不顯示 [僅本機存取] 網路圖示
- 禁止在您的 DNS 網域網路上安裝、設定及使用網路橋接
- 禁止在您的 DNS 網域網路中使用網際網路連線防火牆
- 要求網域使用者在設定網路的位置時必須提升權限
- 透過內部網路路由傳送所有流量
- Windows 防火牆
- 連結階層拓樸搜索
- 設定 DFS 用戶端搜尋網域控制站的頻率
- Background Intelligent Transfer Service (BITS)
- Printers
- Add Printer wizard - Network scan page (Managed network)
- Add Printer wizard - Network scan page (Unmanaged network)
- Allow printers to be published
- Allow Print Spooler to accept client connections
- Allow pruning of published printers
- Always render print jobs on the server
- Automatically publish new printers in Active Directory
- Check published state
- Computer location
- Custom support URL in the Printers folder's left pane
- Directory pruning interval
- Directory pruning priority
- Directory pruning retry
- Disallow installation of printers using kernel-mode drivers
- Execute print drivers in isolated processes
- Extend Point and Print connection to search Windows Update
- Log directory pruning retry events
- Only use Package Point and print
- Override print driver execution compatibility setting reported by print driver
- Package Point and print - Approved servers
- Point and Print Restrictions
- Pre-populate printer search location text
- Printer browsing
- Prune printers that are not automatically republished
- Web-based printing
- System
- Credentials Delegation
- Allow Delegating Default Credentials
- Allow Delegating Default Credentials with NTLM-only Server Authentication
- Allow Delegating Fresh Credentials
- Allow Delegating Fresh Credentials with NTLM-only Server Authentication
- Allow Delegating Saved Credentials
- Allow Delegating Saved Credentials with NTLM-only Server Authentication
- Deny Delegating Default Credentials
- Deny Delegating Fresh Credentials
- Deny Delegating Saved Credentials
- Device Installation
- Device Installation Restrictions
- Allow administrators to override Device Installation Restriction policies
- Allow installation of devices that match any of these device IDs
- Allow installation of devices using drivers that match these device setup classes
- Display a custom message title when device installation is prevented by a policy setting
- Display a custom message when installation is prevented by a policy setting
- Prevent installation of devices not described by other policy settings
- Prevent installation of devices that match any of these device IDs
- Prevent installation of devices using drivers that match these device setup classes
- Prevent installation of removable devices
- Time (in seconds) to force reboot when required for policy changes to take effect
- Allow remote access to the Plug and Play interface
- Configure device installation time-out
- Do not send a Windows error report when a generic driver is installed on a device
- Prevent creation of a system restore point during device activity that would normally prompt creation of a restore point
- Prevent device metadata retrieval from the Internet
- Prevent Windows from sending an error report when a device driver requests additional software during installation
- Prioritize all digitally signed drivers equally during the driver ranking and selection process
- Specify search order for device driver source locations
- Turn off "Found New Hardware" balloons during device installation
- Device Installation Restrictions
- Driver Installation
- Enhanced Storage Access
- Allow Enhanced Storage certificate provisioning
- Allow only USB root hub connected Enhanced Storage devices
- Configure list of Enhanced Storage devices usable on your computer
- Configure list of IEEE 1667 silos usable on your computer
- Do not allow non-Enhanced Storage removable devices
- Do not allow password authentication of Enhanced Storage devices
- Lock Enhanced Storage when the computer is locked
- Filesystem
- Folder Redirection
- Group Policy
- 記錄和追蹤
- 設定 Ini 檔案喜好設定記錄與追蹤
- 設定印表機喜好設定記錄與追蹤
- 設定地區選項喜好設定記錄與追蹤
- 設定應用程式喜好設定記錄與追蹤
- 設定捷徑喜好設定記錄與追蹤
- 設定排定的工作喜好設定記錄與追蹤
- 設定服務喜好設定記錄與追蹤
- 設定本機使用者和群組喜好設定記錄與追蹤
- 設定檔案喜好設定記錄與追蹤
- 設定環境喜好設定記錄與追蹤
- 設定登錄喜好設定記錄與追蹤
- 設定磁碟機對應喜好設定記錄與追蹤
- 設定網路選項喜好設定記錄與追蹤
- 設定網際網路設定喜好設定記錄與追蹤
- 設定裝置喜好設定記錄與追蹤
- 設定資料來源喜好設定記錄與追蹤
- 設定資料夾喜好設定記錄與追蹤
- 設定資料夾選項喜好設定記錄與追蹤
- 設定開始功能表喜好設定記錄與追蹤
- 設定電源選項喜好設定記錄與追蹤
- Allow Cross-Forest User Policy and Roaming User Profiles
- Always use local ADM files for Group Policy Object Editor
- Disallow Interactive Users from generating Resultant Set of Policy data
- Disk Quota policy processing
- EFS recovery policy processing
- Folder Redirection policy processing
- Group Policy refresh interval for computers
- Group Policy refresh interval for domain controllers
- Group Policy slow link detection
- Internet Explorer Maintenance policy processing
- IP Security policy processing
- Registry policy processing
- Remove users ability to invoke machine policy refresh
- Scripts policy processing
- Security policy processing
- Software Installation policy processing
- Startup policy processing wait time
- Turn off background refresh of Group Policy
- Turn off Local Group Policy objects processing
- Turn off Resultant Set of Policy logging
- User Group Policy loopback processing mode
- Wired policy processing
- Wireless policy processing
- 設定 Ini 檔案喜好設定延伸原則處理
- 設定印表機喜好設定延伸原則處理
- 設定地區選項喜好設定延伸原則處理
- 設定應用程式喜好設定延伸原則處理
- 設定捷徑喜好設定延伸原則處理
- 設定排定的工作喜好設定延伸原則處理
- 設定服務喜好設定延伸原則處理
- 設定本機使用者和群組喜好設定延伸原則處理
- 設定檔案喜好設定延伸原則處理
- 設定環境喜好設定延伸原則處理
- 設定登錄喜好設定延伸原則處理
- 設定磁碟機對應喜好設定延伸原則處理
- 設定網路選項喜好設定延伸原則處理
- 設定網際網路設定喜好設定延伸原則處理
- 設定裝置喜好設定延伸原則處理
- 設定資料來源喜好設定延伸原則處理
- 設定資料夾喜好設定延伸原則處理
- 設定資料夾選項喜好設定延伸原則處理
- 設定開始功能表喜好設定延伸原則處理
- 設定電源選項喜好設定延伸原則處理
- 透過遠端桌面服務登入時,允許非同步使用者群組原則處理
- 記錄和追蹤
- Internet Communication Management
- Internet Communication settings
- Turn off access to all Windows Update features
- Turn off Automatic Root Certificates Update
- Turn off downloading of print drivers over HTTP
- Turn off Event Viewer "Events.asp" links
- Turn off Help and Support Center "Did you know?" content
- Turn off Help and Support Center Microsoft Knowledge Base search
- Turn off Internet Connection Wizard if URL connection is referring to Microsoft.com
- Turn off Internet download for Web publishing and online ordering wizards
- Turn off Internet File Association service
- Turn off printing over HTTP
- Turn off Registration if URL connection is referring to Microsoft.com
- Turn off Search Companion content file updates
- Turn off the "Order Prints" picture task
- Turn off the "Publish to Web" task for files and folders
- Turn off the Windows Messenger Customer Experience Improvement Program
- Turn off Windows Customer Experience Improvement Program
- Turn off Windows Error Reporting
- Turn off Windows Network Connectivity Status Indicator active tests
- Turn off Windows Update device driver searching
- 關閉個人化手寫資料共用
- 關閉手寫辨識錯誤報告
- Restrict Internet communication
- Internet Communication settings
- iSCSI
- iSCSI 安全性
- iSCSI 目標搜索
- 一般 iSCSI
- KDC
- Kerberos
- Locale Services
- Logon
- Always use classic logon
- Always use custom logon background
- Always wait for the network at computer startup and logon
- Assign a default domain for logon
- Don't display the Getting Started welcome screen at logon
- Do not process the legacy run list
- Do not process the run once list
- Exclude credential providers
- Hide entry points for Fast User Switching
- Run these programs at user logon
- Turn off Windows Startup Sound
- Net Logon
- DC Locator DNS Records
- Automated Site Coverage by the DC Locator DNS SRV Records
- DC Locator DNS records not registered by the DCs
- Domain Controller Address Type Returned
- Do not process incoming mailslot messages used for domain controller location based on NetBIOS domain names
- Dynamic Registration of the DC Locator DNS Records
- Force Rediscovery Interval
- Location of the DCs hosting a domain with single label DNS name
- Priority Set in the DC Locator DNS SRV Records
- Refresh Interval of the DC Locator DNS Records
- Sites Covered by the Application Directory Partition Locator DNS SRV Records
- Sites Covered by the DC Locator DNS SRV Records
- Sites Covered by the GC Locator DNS SRV Records
- Try Next Closest Site
- TTL Set in the DC Locator DNS Records
- Weight Set in the DC Locator DNS SRV Records
- Allow cryptography algorithms compatible with Windows NT 4.0
- Contact PDC on logon failure
- Expected dial-up delay on logon
- Final DC Discovery Retry Setting for Background Callers
- Initial DC Discovery Retry Setting for Background Callers
- Log File Debug Output Level
- Maximum DC Discovery Retry Interval Setting for Background Callers
- Maximum Log File Size
- Negative DC Discovery Cache Setting
- Positive Periodic DC Cache Refresh for Background Callers
- Positive Periodic DC Cache Refresh for Non-Background Callers
- Scavenge Interval
- Site Name
- DC Locator DNS Records
- Performance Control Panel
- Recovery
- Server Manager
- Troubleshooting and Diagnostics
- Application Compatibility Diagnostics
- Detect application failures caused by deprecated COM objects
- Detect application failures caused by deprecated Windows DLLs
- Detect application installers that need to be run as administrator
- Detect application install failures
- Detect applications unable to launch installers under UAC
- Notify blocked drivers
- Microsoft 支援服務診斷工具
- MSI 損毀檔案修復
- Windows 待命/繼續效能診斷
- Windows 效能 PerfTrack
- Windows 系統回應效能診斷
- Windows 記憶體遺漏診斷
- Windows 資源耗損偵測與解析
- Windows 開機效能診斷
- Windows 關機效能診斷
- 執行指令的診斷
- 容錯堆積
- 排程維護
- 損毀檔案修復
- 磁碟診斷
- 診斷: 設定狀況保留
- 診斷: 設定狀況執行層級
- Application Compatibility Diagnostics
- Trusted Platform Module Services
- User Profiles
- Add the Administrators security group to roaming user profiles
- Background upload of a roaming user profile's registry file while user is logged on
- Delete cached copies of roaming profiles
- Delete user profiles older than a specified number of days on system restart
- Do not check for user ownership of Roaming Profile Folders
- Do not detect slow network connections
- Do not forcefully unload the users registry at user logoff
- Do not log users on with temporary profiles
- Leave Windows Installer and Group Policy Software Installation Data
- Maximum retries to unload and update user profile
- Only allow local user profiles
- Prevent Roaming Profile changes from propagating to the server
- Prompt user when a slow network connection is detected
- Set maximum wait time for the network if a user has a roaming user profile or remote home directory
- Set roaming profile path for all users logging onto this computer
- Slow network connection timeout for user profiles
- Timeout for dialog boxes
- Wait for remote user profile
- Windows HotStart
- Windows Time Service
- Windows 檔案保護
- 分散式 COM
- 應用程式相容性設定
- 抽取式存放裝置存取權
- 指令碼
- 磁碟 NV 快取
- 磁碟配額
- 系統還原
- 裝置重新導向
- 裝置重新導向限制
- 遠端協助
- 遠端程序呼叫
- 關機選項
- 電源管理
- 按鈕設定
- 睡眠設定
- 允許應用程式防止自動睡眠 (一般電源)
- 允許應用程式防止自動睡眠 (使用電池)
- 允許開啟網路檔案時自動睡眠 (一般電源)
- 允許開啟網路檔案時自動睡眠 (使用電池)
- 喚醒電腦時必須使用密碼 (一般電源)
- 喚醒電腦時必須使用密碼 (使用電池)
- 指定系統休眠逾時 (一般電源)
- 指定系統休眠逾時 (使用電池)
- 指定系統睡眠逾時 (一般電源)
- 指定系統睡眠逾時 (使用電池)
- 指定自動睡眠逾時 (一般電源)
- 指定自動睡眠逾時 (使用電池)
- 睡眠時允許待命狀態 (S1-S3) (一般電源)
- 睡眠時允許待命狀態 (S1-S3) (使用電池)
- 開啟應用程式以防止睡眠轉換 (一般電源)
- 開啟應用程式防止睡眠轉換的能力 (使用電池)
- 關閉交互式睡眠 (一般電源)
- 關閉交互式睡眠 (使用電池)
- 硬碟設定
- 視訊與顯示設定
- 通知設定值
- 指定自訂使用中電源計劃
- 選取使用中電源計劃
- Do not display Manage Your Server page at logon
- Remove Boot / Shutdown / Logon / Logoff status messages
- Verbose vs normal status messages
- 下載遺失的 COM 元件
- 不要將移到已加密資料夾中的檔案自動加密
- 允許散佈式連結追蹤用戶端使用網域資源
- 啟動關機事件追蹤器系統狀態資料功能
- 啟用持續的時間戳記
- 在發生 Windows 系統關機後不要關閉系統電源。
- 將可能不安全的 HTML 說明功能限制於指定的資料夾
- 指定 Windows Service Pack 安裝檔案位置
- 指定 Windows 安裝檔案的位置
- 關閉 HTML Help 可執行檔的資料執行防止
- 限制這些程式從說明中啟動
- 顯示關機事件追蹤器
- Credentials Delegation
- Windows Components
- Active Directory Federation Services
- ActiveX Installer 服務
- Application Compatibility
- Backup
- Client
- Prevent backing up to local disks
- Prevent backing up to network location
- Prevent backing up to optical media (CD/DVD)
- Prevent the user from running the Backup Status and Configuration program
- Turn off restore functionality
- Turn off the ability to back up data files
- Turn off the ability to create a system image
- 伺服器
- Client
- BitLocker Drive Encryption
- Fixed Data Drives
- Allow access to BitLocker-protected fixed data drives from earlier versions of Windows
- Choose how BitLocker-protected fixed drives can be recovered
- Configure use of passwords for fixed data drives
- Configure use of smart cards on fixed data drives
- Deny write access to fixed drives not protected by BitLocker
- Operating System Drives
- Allow enhanced PINs for startup
- Choose how BitLocker-protected operating system drives can be recovered
- Configure minimum PIN length for startup
- Configure TPM platform validation profile
- Require additional authentication at startup (Windows Server 2008 and Windows Vista)
- Require additional authentication at startup
- Removable Data Drives
- Allow access to BitLocker-protected removable data drives from earlier versions of Windows
- Choose how BitLocker-protected removable drives can be recovered
- Configure use of passwords for removable data drives
- Configure use of smart cards on removable data drives
- Control use of BitLocker on removable drives
- Deny write access to removable drives not protected by BitLocker
- Choose default folder for recovery password
- Choose drive encryption method and cipher strength
- Choose how users can recover BitLocker-protected drives (Windows Server 2008 and Windows Vista)
- Prevent memory overwrite on restart
- Provide the unique identifiers for your organization
- Store BitLocker recovery information in Active Directory Domain Services(Windows Server 2008 and Windows Vista)
- Validate smart card certificate usage rule compliance
- Fixed Data Drives
- Credential User Interface
- Desktop Gadgets
- Desktop Window Manager
- HomeGroup
- Internet Explorer
- Accelerators
- Application Compatibility
- Enable cut, copy or paste operations from the clipboard if URLACTION_SCRIPT_PASTE is set to Prompt
- Compatibility View
- Corporate Settings
- Delete Browsing History
- Configure Delete Browsing History on exit
- Disable "Configuring History"
- Prevent Deleting Cookies
- Prevent Deleting Favorites Site Data
- Prevent Deleting Form Data
- Prevent Deleting InPrivate Filtering data
- Prevent Deleting Passwords
- Prevent Deleting Temporary Internet Files
- Prevent Deleting Web sites that the User has Visited
- Prevent the deletion of temporary Internet files and cookies
- Turn off "Delete Browsing History" functionality
- InPrivate
- Internet Control Panel
- Advanced Page
- Allow active content from CDs to run on user machines
- Allow Install On Demand (except Internet Explorer)
- Allow Install On Demand (Internet Explorer)
- Allow software to run or install even if the signature is invalid
- Allow third-party browser extensions
- Automatically check for Internet Explorer updates
- Check for server certificate revocation
- Check for signatures on downloaded programs
- Do not allow resetting Internet Explorer settings
- Do not save encrypted pages to disk
- Empty Temporary Internet Files folder when browser is closed
- Play animations in web pages
- Play sounds in web pages
- Play videos in web pages
- Turn off ClearType
- Turn off Encryption Support
- Turn off Profile Assistant
- Turn on Caret Browsing support
- Use HTTP 1.1 through proxy connections
- Use HTTP 1.1
- Security Page
- Internet Zone
- Access data sources across domains
- Allow active content over restricted protocols to access my computer
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Intranet Zone
- Access data sources across domains
- Allow active content over restricted protocols to access my computer
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Local Machine Zone
- Access data sources across domains
- Allow active content over restricted protocols to access my computer
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Locked-Down Internet Zone
- Access data sources across domains
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Locked-Down Intranet Zone
- Access data sources across domains
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Locked-Down Local Machine Zone
- Access data sources across domains
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Locked-Down Restricted Sites Zone
- Access data sources across domains
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Locked-Down Trusted Sites Zone
- Access data sources across domains
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Restricted Sites Zone
- Access data sources across domains
- Allow active content over restricted protocols to access my computer
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Trusted Sites Zone
- Access data sources across domains
- Allow active content over restricted protocols to access my computer
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Internet Zone Template
- Intranet Sites: Include all local (intranet) sites not listed in other zones
- Intranet Sites: Include all network paths (UNCs)
- Intranet Sites: Include all sites that bypass the proxy server
- Intranet Zone Template
- Local Machine Zone Template
- Locked-Down Internet Zone Template
- Locked-Down Intranet Zone Template
- Locked-Down Local Machine Zone Template
- Locked-Down Restricted Sites Zone Template
- Locked-Down Trusted Sites Zone Template
- Restricted Sites Zone Template
- Site to Zone Assignment List
- Trusted Sites Zone Template
- Turn on automatic detection of the intranet
- Turn on Information bar notification for intranet content
- Turn on Warn about Certificate Address Mismatch
- Internet Zone
- Disable the Advanced page
- Disable the Connections page
- Disable the Content page
- Disable the General page
- Disable the Privacy page
- Disable the Programs page
- Disable the Security page
- Prevent ignoring certificate errors
- Send internationalized domain names
- Use UTF-8 for mailto links
- Advanced Page
- Internet Settings
- AutoComplete
- Component Updates
- Help Menu > About Internet Explorer
- Periodic check for updates to Internet Explorer and Internet Tools
- Security Features
- Add-on Management
- AJAX
- Binary Behavior Security Restriction
- Consistent Mime Handling
- Information Bar
- Local Machine Zone Lockdown Security
- Mime Sniffing Safety Feature
- MK Protocol Security Restriction
- Network Protocol Lockdown
- Object Caching Protection
- Protection From Zone Elevation
- Restrict ActiveX Install
- Restrict File Download
- Scripted Window Security Restrictions
- Turn off Data Execution Prevention
- Turn off Data URI Support
- Toolbars
- Add a specific list of search providers to the user's search provider list
- Configure new tab page default behavior
- Customize User Agent String
- Disable Automatic Install of Internet Explorer components
- Disable changing Automatic Configuration settings
- Disable changing connection settings
- Disable changing proxy settings
- Disable Per-User Installation of ActiveX Controls
- Disable Periodic Check for Internet Explorer software updates
- Disable showing the splash screen
- Disable software update shell notifications on program launch
- Do not allow users to enable or disable add-ons
- Enforce Full Screen Mode
- Make proxy settings per-machine (rather than per-user)
- Only use the ActiveX Installer Service for installation of ActiveX Controls
- Pop-up allow list
- Prevent "Fix settings" functionality
- Prevent Bypassing SmartScreen Filter Warnings
- Prevent Internet Explorer Search box from displaying
- Prevent participation in the Customer Experience Improvement Program
- Prevent performance of First Run Customize settings
- Restrict changing the default search provider
- Restrict search providers to a specific list of providers
- Security Zones: Do not allow users to add/delete sites
- Security Zones: Do not allow users to change policies
- Security Zones: Use only machine settings
- Set tab process growth
- Turn off ActiveX opt-in prompt
- Turn off Automatic Crash Recovery Prompt
- Turn off configuration of default behavior of new tab creation
- Turn off configuration of tabbed browsing pop-up behavior
- Turn off configuration of window reuse
- Turn off Crash Detection
- Turn off displaying the Internet Explorer Help Menu
- Turn off Favorites bar
- Turn off Managing Phishing filter
- Turn off Managing Pop-up Allow list
- Turn off managing Pop-up filter level
- Turn off Managing SmartScreen Filter
- Turn off page zooming functionality
- Turn off pop-up management
- Turn off Quick Tabs functionality
- Turn off Reopen Last Browsing Session
- Turn off suggestions for all user-installed providers
- Turn off tabbed browsing
- Turn off the activation of the quick pick menu
- Turn off the auto-complete feature for web addresses
- Turn off the Security Settings Check feature
- Turn on Compatibility Logging
- Turn on menu bar by default
- Internet Information Services
- NetMeeting
- Password Synchronization
- Set the interval between synchronization retries for Password Synchronization
- Set the number of synchronization retries for servers running Password Synchronization
- Turn on extensive logging for Password Synchronization
- Turn on the Windows to NIS password synchronization for users that have been migrated to Active Directory
- Remote Desktop Services
- RD Licensing
- Remote Desktop Connection Client
- RemoteFX USB Device Redirection
- Allow .rdp files from unknown publishers
- Allow .rdp files from valid publishers and user's default .rdp settings
- Configure server authentication for client
- Do not allow passwords to be saved
- Prompt for credentials on the client computer
- Specify SHA1 thumbprints of certificates representing trusted .rdp publishers
- 關閉用戶端的 UDP
- Remote Desktop Session Host
- Application Compatibility
- Connections
- Allow remote start of unlisted programs
- Allow users to connect remotely using Remote Desktop Services
- Automatic reconnection
- Configure keep-alive connection interval
- Deny logoff of an administrator logged in to the console session
- Limit number of connections
- Restrict Remote Desktop Services users to a single Remote Desktop Services session
- Set rules for remote control of Remote Desktop Services user sessions
- Turn off Fair Share CPU Scheduling
- 選取 RDP 傳輸通訊協定
- 選取伺服器上的網路偵測
- Device and Resource Redirection
- Allow audio and video playback redirection
- Allow audio recording redirection
- Allow time zone redirection
- Do not allow clipboard redirection
- Do not allow COM port redirection
- Do not allow drive redirection
- Do not allow LPT port redirection
- Do not allow smart card device redirection
- Do not allow supported Plug and Play device redirection
- Limit audio playback quality
- Licensing
- Printer Redirection
- Profiles
- RD Connection Broker
- Remote Session Environment
- Allow desktop composition for remote desktop sessions
- Always show desktop on connection
- Configure RemoteFX
- Do not allow font smoothing
- Enforce Removal of Remote Desktop Wallpaper
- Limit maximum color depth
- Limit maximum display resolution
- Limit maximum number of monitors
- Optimize visual experience for Remote Desktop Services sessions
- Optimize visual experience when using RemoteFX
- Remove "Disconnect" option from Shut Down dialog
- Remove Windows Security item from Start menu
- Set compression algorithm for RDP data
- Start a program on connection
- 啟用遠端桌面通訊協定 8.0
- 設定 RemoteFX Adaptive Graphics 的影像品質
- 設定 RemoteFX 彈性圖形
- Security
- Always prompt for password upon connection
- Do not allow local administrators to customize permissions
- Require secure RPC communication
- Require use of specific security layer for remote (RDP) connections
- Require user authentication for remote connections by using Network Level Authentication
- Server Authentication Certificate Template
- Set client connection encryption level
- Session Time Limits
- Temporary folders
- RSS Feeds
- Server for NIS
- Shutdown Options
- Tablet PC
- Handwriting personalization
- Input Panel
- Disable text prediction
- For tablet pen input, don't show the Input Panel icon
- For touch input, don't show the Input Panel icon
- Include rarely used Chinese, Kanji, or Hanja characters
- Prevent Input Panel tab from appearing
- Switch to the Simplified Chinese (PRC) gestures
- Turn off AutoComplete integration with Input Panel
- Turn off password security in Input Panel
- Turn off tolerant and Z-shaped scratch-out gestures
- Tablet PC 畫筆訓練
- 敏銳筆觸學習
- 游標
- 畫筆 UX 行為
- 硬體按鈕
- 觸控輸入
- 附屬應用程式
- Windows Defender
- Check for New Signatures Before Scheduled Scans
- Configure Microsoft SpyNet Reporting
- Turn off Real-Time Monitoring
- Turn off Routinely Taking Action
- Turn off Windows Defender
- Turn on definition updates through both WSUS and the Microsoft Malware Protection Center
- Turn on definition updates through both WSUS and Windows Update
- Windows Error Reporting
- Advanced Error Reporting Settings
- Configure Corporate Windows Error Reporting
- Configure Report Archive
- Configure Report Queue
- Default application reporting settings
- List of applications to always report errors for
- List of applications to be excluded
- List of applications to never report errors for
- Report operating system errors
- 報告並未計劃的關機事件
- Consent
- Configure Error Reporting
- Disable Logging
- Disable Windows Error Reporting
- Display Error Notification
- Do not send additional data
- Prevent display of the user interface for critical errors
- Advanced Error Reporting Settings
- Windows Explorer
- Previous Versions
- Disable binding directly to IPropertySetStorage without intermediate layers.
- Turn off numerical sorting in Windows Explorer
- Turn off shell protocol protected mode
- Verify old and new Folder Redirection targets point to the same share before redirecting
- 損毀時關閉終止堆集
- 設定支援網頁連結
- 關閉檔案總管的資料執行防止
- Windows Installer
- Allow admin to install from Remote Desktop Services session
- Always install with elevated privileges
- Baseline file cache maximum size
- Cache transforms in secure location on workstation
- Disable IE security prompt for Windows Installer scripts
- Disable logging via package settings
- Disable Windows Installer
- Enable user control over installs
- Enable user to browse for source while elevated
- Enable user to patch elevated products
- Enable user to use media source while elevated
- Enforce upgrade component rules
- Logging
- Prohibit Flyweight Patching
- Prohibit non-administrators from applying vendor signed updates
- Prohibit patching
- Prohibit removal of updates
- Prohibit rollback
- Prohibit Use of Restart Manager
- Prohibit User Installs
- Remove browse dialog box for new source
- Turn off creation of System Restore Checkpoints
- Windows Logon Options
- Windows Media Center
- Windows Media Digital Rights Management
- Windows Media Player
- Windows Messenger
- Windows Remote Management (WinRM)
- WinRM Client
- WinRM Service
- Allow automatic configuration of listeners
- Allow Basic authentication
- Allow CredSSP authentication
- Allow unencrypted traffic
- Disallow Kerberos authentication
- Disallow Negotiate authentication
- Specify channel binding token hardening level
- Turn On Compatibility HTTP Listener
- Turn On Compatibility HTTPS Listener
- Windows SideShow
- Windows System Resource Manager
- Windows Update
- Allow Automatic Updates immediate installation
- Allow non-administrators to receive update notifications
- Allow signed updates from an intranet Microsoft update service location
- Automatic Updates detection frequency
- Configure Automatic Updates
- Delay Restart for scheduled installations
- Do not adjust default option to 'Install Updates and Shut Down' in Shut Down Windows dialog box
- Do not display 'Install Updates and Shut Down' option in Shut Down Windows dialog box
- Enable client-side targeting
- Enabling Windows Update Power Management to automatically wake up the system to install scheduled updates
- No auto-restart with logged on users for scheduled automatic updates installations
- Re-prompt for restart with scheduled installations
- Reschedule Automatic Updates scheduled installations
- Specify intranet Microsoft update service location
- Turn on recommended updates via Automatic Updates
- Turn on Software Notifications
- Windows 可靠性分析
- Windows 客戶經驗改進計畫
- Windows 色彩系統
- Windows 行事曆
- Windows 行動中心
- Windows 遠端殼層
- Windows 郵件
- 事件檢視器
- 事件記錄服務
- 事件轉寄
- 定位和感應器
- 家長監護服務
- 工作排程器
- 搜尋
- OCR
- 不允許 Web 搜尋
- 以電池電力執行時防止編製索引以節省電池電力
- 停用索引子降速功能
- 允許使用變音符號
- 允許加密檔案索引
- 啟用為未快取之 Exchange 資料夾編製索引的功能
- 啟用為線上委派信箱編製索引的功能
- 啟用線上郵件索引編製的速度調節功能
- 控制各種附件的預覽功能
- 新增主要內部網路搜尋位置
- 新增次要內部網路搜尋位置
- 磁碟空間不足時停止編製索引
- 索引子資料位置
- 設定 Desktop Search 結果中的大型或小型圖示檢視
- 防止使用不在清單中的 iFilter 與通訊協定處理程式
- 防止對 Microsoft Office Outlook 編製索引
- 防止對公用資料夾編製索引
- 防止對離線檔案快取中的檔案編製索引
- 防止對電子郵件的附件編製索引
- 防止從控制台新增 UNC 位置到索引
- 防止新增使用者指定的位置到 [所有位置] 功能表
- 防止為特定檔案類型編製索引
- 防止為特定路徑編製索引
- 防止用戶端從遠端查詢索引
- 防止自訂控制台中的已索引位置
- 防止顯示控制台中的進階索引選項
- 預覽窗格位置
- 預設的已排除路徑
- 預設的已索引路徑
- 數位購物服務區
- 新增功能到 Windows 8.1
- 智慧卡
- 生物識別技術
- 簡報設定
- 網路存取保護
- 網路投影機
- 線上協助
- 自動播放原則
- 資訊安全中心
- 遊戲總管
- 錄音機
- Control Panel
- Display
- Personalization
- Enable screen saver
- Force a specific visual style file or force Windows Classic
- Force specific screen saver
- Load a specific theme
- Password protect the screen saver
- Prevent changing color scheme
- Prevent changing desktop background
- Prevent changing desktop icons
- Prevent changing mouse pointers
- Prevent changing screen saver
- Prevent changing sounds
- Prevent changing theme
- Prevent changing visual style for windows and buttons
- Prevent changing window color and appearance
- Prohibit selection of visual style font size
- Screen saver timeout
- Printers
- Regional and Language Options
- Hide Regional and Language Options administrative options
- Hide the geographic location option
- Hide the select language group options
- Hide user locale selection and customization options
- Restrict selection of Windows menus and dialogs language
- Restricts the UI languages Windows should use for the selected user
- 新增或移除程式
- 程式集
- 只顯示指定的控制台項目
- 禁止存取 [控制台] 和電腦設定
- 開啟 [控制台] 時永遠開啟 [所有控制台項目]
- 隱藏指定的控制台項目
- Desktop
- Active Directory
- Desktop
- Don't save settings at exit
- Do not add shares of recently opened documents to Network Locations
- Hide and disable all items on the desktop
- Hide Internet Explorer icon on desktop
- Hide Network Locations icon on desktop
- Prevent adding, dragging, dropping and closing the Taskbar's toolbars
- Prohibit adjusting desktop toolbars
- Prohibit User from manually redirecting Profile Folders
- Remove Computer icon on the desktop
- Remove My Documents icon on the desktop
- Remove Properties from the Computer icon context menu
- Remove Properties from the Documents icon context menu
- Remove Properties from the Recycle Bin context menu
- Remove Recycle Bin icon from desktop
- Remove the Desktop Cleanup Wizard
- Turn off Aero Shake window minimizing mouse gesture
- Network
- Offline Files
- Action on server disconnect
- Administratively assigned offline files
- Event logging level
- Initial reminder balloon lifetime
- Non-default server disconnect actions
- Prevent use of Offline Files folder
- Prohibit 'Make Available Offline' for these file and folders
- Prohibit user configuration of Offline Files
- Reminder balloon frequency
- Reminder balloon lifetime
- Remove 'Make Available Offline'
- Synchronize all offline files before logging off
- Synchronize all offline files when logging on
- Synchronize offline files before suspend
- Turn off reminder balloons
- Windows Connect Now
- 網路連線
- 可以刪除使用者開放遠端存取連線
- 可以啟用或停用區域網路連線
- 可以變更所有使用者遠端存取連線的內容
- 可以重新命名區域網路連線
- 可以重新命名所有使用者遠端存取連線
- 在只有有限的連線或無連線能力時關閉通知
- 所有的使用者都可以重新命名區域連線或遠端存取連線
- 禁止使用 TCP/IP 進階設定
- 禁止刪除遠端存取連線
- 禁止啟用或停用區域網路連線的元件
- 禁止存取 [進階] 功能表中的 [進階設定]
- 禁止存取 [進階] 功能表中的遠端存取喜好設定
- 禁止存取區域網路連線的屬性
- 禁止存取區域連線的元件屬性
- 禁止存取新增連線精靈
- 禁止存取遠端存取連線的元件屬性
- 禁止建立及中斷遠端存取連線
- 禁止新增及移除區域網路或遠端存取連線的元件
- 禁止檢視使用中連線的狀態
- 禁止變更私人遠端存取連線的屬性
- 禁止重新命名私人遠端存取連線
- 系統管理員可以進行 Windows 2000 網路連線設定
- Offline Files
- Start Menu and Taskbar
- Add "Run in Separate Memory Space" check box to Run dialog box
- Add Logoff to the Start Menu
- Add Search Internet link to Start Menu
- Add the Run command to the Start Menu
- Change Start Menu power button
- Clear history of recently opened documents on exit
- Clear the recent programs list for new users
- Do not allow pinning items in Jump Lists
- Do not allow pinning programs to the Taskbar
- Do not display any custom toolbars in the taskbar
- Do not display or track items in Jump Lists from remote locations
- Do not keep history of recently opened documents
- Do not search communications
- Do not search for files
- Do not search Internet
- Do not search programs and Control Panel items
- Do not use the search-based method when resolving shell shortcuts
- Do not use the tracking-based method when resolving shell shortcuts
- Force classic Start Menu
- Gray unavailable Windows Installer programs Start Menu shortcuts
- Hide the notification area
- Lock all taskbar settings
- Lock the Taskbar
- Prevent changes to Taskbar and Start Menu Settings
- Prevent grouping of taskbar items
- Prevent users from adding or removing toolbars
- Prevent users from moving taskbar to another screen dock location
- Prevent users from rearranging toolbars
- Prevent users from resizing the taskbar
- Remove access to the context menus for the taskbar
- Remove All Programs list from the Start menu
- Remove and prevent access to the Shut Down, Restart, Sleep, and Hibernate commands
- Remove Balloon Tips on Start Menu items
- Remove Clock from the system notification area
- Remove common program groups from Start Menu
- Remove Default Programs link from the Start menu.
- Remove Documents icon from Start Menu
- Remove Downloads link from Start Menu
- Remove drag-and-drop and context menus on the Start Menu
- Remove Favorites menu from Start Menu
- Remove frequent programs list from the Start Menu
- Remove Games link from Start Menu
- Remove Help menu from Start Menu
- Remove Homegroup link from Start Menu
- Remove links and access to Windows Update
- Remove Logoff on the Start Menu
- Remove Music icon from Start Menu
- Remove Network Connections from Start Menu
- Remove Network icon from Start Menu
- Remove Pictures icon from Start Menu
- Remove pinned programs from the Taskbar
- Remove pinned programs list from the Start Menu
- Remove programs on Settings menu
- Remove Recent Items menu from Start Menu
- Remove Recorded TV link from Start Menu
- Remove Run menu from Start Menu
- Remove Search Computer link
- Remove Search link from Start Menu
- Remove See More Results / Search Everywhere link
- Remove the "Undock PC" button from the Start Menu
- Remove the Action Center icon
- Remove the battery meter
- Remove the networking icon
- Remove the volume control icon
- Remove user's folders from the Start Menu
- Remove user folder link from Start Menu
- Remove user name from Start Menu
- Remove Videos link from Start Menu
- Show QuickLaunch on Taskbar
- Turn off all balloon notifications
- Turn off automatic promotion of notification icons to the taskbar
- Turn off feature advertisement balloon notifications
- Turn off notification area cleanup
- Turn off taskbar thumbnails
- Turn off user tracking
- System
- Ctrl+Alt+Del 選項
- Driver Installation
- Folder Redirection
- Group Policy
- Create new Group Policy object links disabled by default
- Default name for new Group Policy objects
- Disallow Interactive Users from generating Resultant Set of Policy data
- Enforce Show Policies Only
- Group Policy domain controller selection
- Group Policy refresh interval for users
- Group Policy slow link detection
- Turn off automatic update of ADM files
- Internet Communication Management
- Internet Communication settings
- Turn off downloading of print drivers over HTTP
- Turn off Internet download for Web publishing and online ordering wizards
- Turn off Internet File Association service
- Turn off printing over HTTP
- Turn off the "Order Prints" picture task
- Turn off the "Publish to Web" task for files and folders
- Turn off the Windows Messenger Customer Experience Improvement Program
- 關閉 Windows 線上
- 關閉個人化手寫資料共用
- 關閉手寫辨識錯誤報告
- 關閉說明使用經驗改進計畫
- 關閉說明分級
- Restrict Internet communication
- Internet Communication settings
- Locale Services
- Logon
- Performance Control Panel
- User Profiles
- Windows HotStart
- 抽取式存放裝置存取權
- 指令碼
- 電源管理
- Century interpretation for Year 2000
- Custom User Interface
- Don't display the Getting Started welcome screen at logon
- Windows Automatic Updates
- 下載遺失的 COM 元件
- 不要執行已指定的 Windows 應用程式
- 只執行指定的 Windows 應用程式
- 防止存取命令提示字元
- 防止存取登錄編輯工具
- 限制這些程式從說明中啟動
- Windows Components
- Application Compatibility
- Backup
- Client
- Prevent backing up to local disks
- Prevent backing up to network location
- Prevent backing up to optical media (CD/DVD)
- Prevent the user from running the Backup Status and Configuration program
- Turn off restore functionality
- Turn off the ability to back up data files
- Turn off the ability to create a system image
- Client
- Desktop Gadgets
- Desktop Window Manager
- Internet Explorer
- Accelerators
- Administrator Approved Controls
- Application Compatibility
- Enable cut, copy or paste operations from the clipboard if URLACTION_SCRIPT_PASTE is set to Prompt
- Browser menus
- Disable Context menu
- Disable Open in New Window menu option
- Disable Save this program to disk option
- File menu: Disable closing the browser and Explorer windows
- File menu: Disable New menu option
- File menu: Disable Open menu option
- File menu: Disable Save As... menu option
- File menu: Disable Save As Web Page Complete
- Help menu: Remove 'For Netscape Users' menu option
- Help menu: Remove 'Send Feedback' menu option
- Help menu: Remove 'Tip of the Day' menu option
- Help menu: Remove 'Tour' menu option
- Hide Favorites menu
- Tools menu: Disable Internet Options... menu option
- Turn off Print Menu
- View menu: Disable Full Screen menu option
- View menu: Disable Source menu option
- Compatibility View
- Delete Browsing History
- Configure Delete Browsing History on exit
- Disable "Configuring History"
- Prevent Deleting Cookies
- Prevent Deleting Favorites Site Data
- Prevent Deleting Form Data
- Prevent Deleting InPrivate Filtering data
- Prevent Deleting Passwords
- Prevent Deleting Temporary Internet Files
- Prevent Deleting Web sites that the User has Visited
- Prevent the deletion of temporary Internet files and cookies
- Turn off "Delete Browsing History" functionality
- InPrivate
- Internet Control Panel
- Advanced Page
- Allow active content from CDs to run on user machines
- Allow Install On Demand (except Internet Explorer)
- Allow Install On Demand (Internet Explorer)
- Allow software to run or install even if the signature is invalid
- Allow third-party browser extensions
- Automatically check for Internet Explorer updates
- Check for server certificate revocation
- Check for signatures on downloaded programs
- Do not allow resetting Internet Explorer settings
- Do not save encrypted pages to disk
- Empty Temporary Internet Files folder when browser is closed
- Play animations in web pages
- Play sounds in web pages
- Play videos in web pages
- Turn off ClearType
- Turn off Encryption Support
- Turn off Profile Assistant
- Turn on Caret Browsing support
- Use HTTP 1.1 through proxy connections
- Use HTTP 1.1
- Security Page
- Internet Zone
- Access data sources across domains
- Allow active content over restricted protocols to access my computer
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Intranet Zone
- Access data sources across domains
- Allow active content over restricted protocols to access my computer
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Local Machine Zone
- Access data sources across domains
- Allow active content over restricted protocols to access my computer
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Locked-Down Internet Zone
- Access data sources across domains
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Locked-Down Intranet Zone
- Access data sources across domains
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Locked-Down Local Machine Zone
- Access data sources across domains
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Locked-Down Restricted Sites Zone
- Access data sources across domains
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Locked-Down Trusted Sites Zone
- Access data sources across domains
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Restricted Sites Zone
- Access data sources across domains
- Allow active content over restricted protocols to access my computer
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Trusted Sites Zone
- Access data sources across domains
- Allow active content over restricted protocols to access my computer
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Internet Zone Template
- Intranet Sites: Include all local (intranet) sites not listed in other zones
- Intranet Sites: Include all network paths (UNCs)
- Intranet Sites: Include all sites that bypass the proxy server
- Intranet Zone Template
- Local Machine Zone Template
- Locked-Down Internet Zone Template
- Locked-Down Intranet Zone Template
- Locked-Down Local Machine Zone Template
- Locked-Down Restricted Sites Zone Template
- Locked-Down Trusted Sites Zone Template
- Restricted Sites Zone Template
- Site to Zone Assignment List
- Trusted Sites Zone Template
- Turn on automatic detection of the intranet
- Turn on Information bar notification for intranet content
- Turn on Warn about Certificate Address Mismatch
- Internet Zone
- Disable the Advanced page
- Disable the Connections page
- Disable the Content page
- Disable the General page
- Disable the Privacy page
- Disable the Programs page
- Disable the Security page
- Prevent ignoring certificate errors
- Send internationalized domain names
- Use UTF-8 for mailto links
- Advanced Page
- Internet Settings
- Advanced settings
- Browsing
- Internet Connection Wizard Settings
- Multimedia
- Printing
- Searching
- Signup Settings
- AutoComplete
- Display settings
- General Colors
- Link Colors
- Prevent users from choosing default text size
- URL Encoding
- Advanced settings
- Offline Pages
- Disable adding channels
- Disable adding schedules for offline pages
- Disable all scheduled offline pages
- Disable channel user interface completely
- Disable downloading of site subscription content
- Disable editing and creating of schedule groups
- Disable editing schedules for offline pages
- Disable offline page hit logging
- Disable removing channels
- Disable removing schedules for offline pages
- Subscription Limits
- Persistence Behavior
- Security Features
- Add-on Management
- AJAX
- Binary Behavior Security Restriction
- Consistent Mime Handling
- Information Bar
- Local Machine Zone Lockdown Security
- Mime Sniffing Safety Feature
- MK Protocol Security Restriction
- Network Protocol Lockdown
- Object Caching Protection
- Protection From Zone Elevation
- Restrict ActiveX Install
- Restrict File Download
- Scripted Window Security Restrictions
- Turn off Data URI Support
- Toolbars
- Auto-hide the Toolbars
- Configure Toolbar Buttons
- Customize Command Labels
- Disable customizing browser toolbar buttons
- Disable customizing browser toolbars
- Hide the Command Bar
- Hide the Status Bar
- Lock all Toolbars
- Set location of Stop and Refresh buttons
- Turn off Developer Tools
- Turn off toolbar upgrade tool
- Use large Icons for Command Buttons
- Add a specific list of search providers to the user's search provider list
- Configure Media Explorer Bar
- Configure new tab page default behavior
- Configure Outlook Express
- Customize User Agent String
- Disable AutoComplete for forms
- Disable caching of Auto-Proxy scripts
- Disable changing accessibility settings
- Disable changing Advanced page settings
- Disable changing Automatic Configuration settings
- Disable changing Calendar and Contact settings
- Disable changing certificate settings
- Disable changing color settings
- Disable changing connection settings
- Disable changing default browser check
- Disable changing font settings
- Disable changing home page settings
- Disable changing language settings
- Disable changing link color settings
- Disable changing Messaging settings
- Disable changing Profile Assistant settings
- Disable changing proxy settings
- Disable changing ratings settings
- Disable changing secondary home page settings
- Disable changing Temporary Internet files settings
- Disable external branding of Internet Explorer
- Disable Import/Export Settings wizard
- Disable Internet Connection wizard
- Disable Per-User Installation of ActiveX Controls
- Disable the Reset Web Settings feature
- Display error message on proxy script download failure
- Do not allow users to enable or disable add-ons
- Enforce Full Screen Mode
- Identity Manager: Prevent users from using Identities
- Only use the ActiveX Installer Service for installation of ActiveX Controls
- Pop-up allow list
- Prevent "Fix settings" functionality
- Prevent Bypassing SmartScreen Filter Warnings
- Prevent Internet Explorer Search box from displaying
- Prevent participation in the Customer Experience Improvement Program
- Prevent performance of First Run Customize settings
- Restrict changing the default search provider
- Restrict search providers to a specific list of providers
- Search: Disable Find Files via F3 within the browser
- Search: Disable Search Customization
- Set tab process growth
- Turn off ActiveX opt-in prompt
- Turn off Automatic Crash Recovery Prompt
- Turn off configuration of default behavior of new tab creation
- Turn off configuration of tabbed browsing pop-up behavior
- Turn off configuration of window reuse
- Turn off Crash Detection
- Turn off displaying the Internet Explorer Help Menu
- Turn off Favorites bar
- Turn off Managing Phishing filter
- Turn off Managing Pop-up Allow list
- Turn off managing Pop-up filter level
- Turn off Managing SmartScreen Filter
- Turn off page zooming functionality
- Turn off pop-up management
- Turn off Quick Tabs functionality
- Turn off Reopen Last Browsing Session
- Turn off suggestions for all user-installed providers
- Turn off tabbed browsing
- Turn off Tab Grouping
- Turn off the activation of the quick pick menu
- Turn off the auto-complete feature for web addresses
- Turn off the Security Settings Check feature
- Turn on Compatibility Logging
- Turn on menu bar by default
- Turn on Suggested Sites
- Turn on the auto-complete feature for user names and passwords on forms
- Use Automatic Detection for dial-up connections
- Microsoft Management Console
- 限制的/許可的嵌入式管理單元
- 延伸嵌入式管理單元
- 群組原則
- 原則結果組嵌入式管理單元延伸
- 喜好設定嵌入式管理單元延伸
- 允許使用 Ini 檔案喜好設定延伸
- 允許使用 [喜好設定] 索引標籤
- 允許使用印表機喜好設定延伸
- 允許使用地區選項喜好設定延伸
- 允許使用應用程式喜好設定延伸
- 允許使用應用程式嵌入式管理單元
- 允許使用捷徑喜好設定延伸
- 允許使用排定的工作喜好設定延伸
- 允許使用控制台設定 (使用者)
- 允許使用控制台設定 (電腦)
- 允許使用服務喜好設定延伸
- 允許使用本機使用者和群組喜好設定延伸
- 允許使用檔案喜好設定延伸
- 允許使用環境喜好設定延伸
- 允許使用登錄喜好設定延伸
- 允許使用磁碟機對應喜好設定延伸
- 允許使用網路選項喜好設定延伸
- 允許使用網際網路設定喜好設定延伸
- 允許使用裝置喜好設定延伸
- 允許使用資料來源喜好設定延伸
- 允許使用資料夾喜好設定延伸
- 允許使用資料夾選項喜好設定延伸
- 允許使用開始功能表喜好設定延伸
- 允許使用電源選項喜好設定延伸
- 群組原則嵌入式管理單元延伸
- Active Directory 工具的群組原則索引標籤
- 原則結果組嵌入式管理單元
- 群組原則入門 GPO 編輯器
- 群組原則物件編輯器
- 群組原則管理
- 群組原則管理編輯器
- .Net Framework 組態
- Active Directory 使用者和電腦
- Active Directory 站台及服務
- Active Directory 網域及信任
- ActiveX 控制項
- ADSI 編輯
- DFS 管理
- Enterprise PKI
- FrontPage 伺服器延伸
- IP 安全性原則管理
- IP 安全性監視器
- NAP 用戶端設定
- QoS 許可控制
- SAN 存放管理員
- TPM 管理
- WMI 控制
- 事件檢視器 (Windows Vista)
- 事件檢視器
- 伺服器管理員
- 健康情況登錄授權單位 (HRA)
- 傳真服務
- 元件服務
- 具有進階安全性的 Windows 防火牆
- 分散式檔案系統
- 安全性範本
- 安全性設定及分析
- 容錯移轉叢集管理員
- 憑證
- 憑證授權單位
- 憑證範本
- 抽取式存放裝置管理
- 效能記錄及警示
- 服務
- 本機使用者和群組
- 檔案伺服器資源管理員
- 無線監視器
- 磁碟管理
- 磁碟重組工具
- 系統資訊
- 索引服務
- 網址連結
- 網路原則伺服器 (NPS)
- 網際網路資訊服務
- 網際網路驗證服務 (IAS)
- 線上回應
- 裝置管理員
- 路由及遠端存取
- 遠端桌面
- 遠端桌面服務設定
- 電腦管理
- 電話語音
- 限制使用者只能使用明確許可的嵌入式管理單元清單
- 限制使用者進入作者模式
- 限制的/許可的嵌入式管理單元
- NetMeeting
- [選項] 畫面
- 應用程式共用
- 音訊及視訊
- 停用 NetMeeting 2.x 電子白板
- 停用目錄服務
- 停用聊天功能
- 停用電子白板
- 允許持續性自動接受呼叫
- 啟用自動設定
- 設定內部網路支援網頁
- 設定呼叫安全性選項
- 防止傳送檔案
- 防止接收檔案
- 防止新增目錄伺服器
- 防止檢視網站目錄
- 防止自動接受呼叫
- 防止變更進行呼叫的方式
- 限制傳送檔案的大小
- Remote Desktop Services
- RD Gateway
- Remote Desktop Connection Client
- Remote Desktop Session Host
- Connections
- Device and Resource Redirection
- Printer Redirection
- Remote Session Environment
- Session Time Limits
- RSS Feeds
- Tablet PC
- Handwriting personalization
- Input Panel
- Disable text prediction
- For tablet pen input, don't show the Input Panel icon
- For touch input, don't show the Input Panel icon
- Include rarely used Chinese, Kanji, or Hanja characters
- Prevent Input Panel tab from appearing
- Switch to the Simplified Chinese (PRC) gestures
- Turn off AutoComplete integration with Input Panel
- Turn off password security in Input Panel
- Turn off tolerant and Z-shaped scratch-out gestures
- Tablet PC 畫筆訓練
- 敏銳筆觸學習
- 游標
- 畫筆 UX 行為
- 硬體按鈕
- 觸控輸入
- 附屬應用程式
- Windows Error Reporting
- Windows Explorer
- Common Open File Dialog
- Explorer Frame Pane
- Previous Versions
- Allow only per user or approved shell extensions
- Disable binding directly to IPropertySetStorage without intermediate layers.
- Disable Known Folders
- Display confirmation dialog when deleting files
- Do not move deleted files to the Recycle Bin
- Do not request alternate credentials
- Do not track Shell shortcuts during roaming
- Hides the Manage item on the Windows Explorer context menu
- Hide these specified drives in My Computer
- Maximum allowed Recycle Bin size
- Maximum number of recent documents
- No Computers Near Me in Network Locations
- No Entire Network in Network Locations
- Pin Internet search sites to the "Search again" links and the Start menu
- Pin Libraries or Search Connectors to the "Search again" links and the Start menu
- Prevent access to drives from My Computer
- Remove "Map Network Drive" and "Disconnect Network Drive"
- Remove CD Burning features
- Remove DFS tab
- Remove File menu from Windows Explorer
- Remove Hardware tab
- Remove Search button from Windows Explorer
- Remove Security tab
- Removes the Folder Options menu item from the Tools menu
- Remove the Search the Internet "Search again" link
- Remove UI to change menu animation setting
- Remove Windows Explorer's default context menu
- Request credentials for network installations
- Turn off caching of thumbnail pictures
- Turn off display of recent search entries in the Windows Explorer search box
- Turn off numerical sorting in Windows Explorer
- Turn off shell protocol protected mode
- Turn off the display of snippets in Content view mode
- Turn off Windows+X hotkeys
- Turn off Windows Libraries features that rely on indexed file data
- Turn on Classic Shell
- 使用者登入時不要顯示 [歡迎中心]
- 關閉一般控制項與視窗動畫
- 關閉在隱藏的 thumbs.db 檔案中快取縮圖
- 關閉網路資料夾上的縮圖顯示,僅顯示圖示
- 關閉縮圖顯示,僅顯示圖示。
- 防止使用者新增檔案至其 [使用者檔案] 資料夾的根目錄中。
- 顯示 [檔案總管] 中的功能表列
- Windows Installer
- Windows Logon Options
- Windows Media Center
- Windows Media Player
- Windows Messenger
- Windows SideShow
- Windows Update
- Windows 色彩系統
- Windows 行事曆
- Windows 行動中心
- Windows 郵件
- 定位和感應器
- 工作排程器
- 搜尋
- 數位購物服務區
- 新增功能到 Windows 8.1
- 立即搜尋
- 簡報設定
- 網路共用
- 網路投影機
- 自動播放原則
- 錄音機
- 附件管理員