Internet Explorer Security Settings

slmsz20 · #1

I was wondering if anyone found a work around on the Internet Explorer security settings. The administration image from desktop 5.5 uses a custom security level for iexplorer, which disables some standard security features that explorer 7 does not like turned off. If you update to explorer 7, the user gets spammed with security warnings everytime they open it. I know how to disable the spam message using group policies but was wondering if it was possible to just enable the correct security settings permanently.

I still haven't updated to service pack 3, was hoping they would just release another update CD like they did when broadband was first authorized for stakes.

#2

JKELogan wrote:I was wondering if anyone found a work around on the Internet Explorer security settings. The administration image from desktop 5.5 uses a custom security level for iexplorer, which disables some standard security features that explorer 7 does not like turned off. If you update to explorer 7, the user gets spammed with security warnings everytime they open it. I know how to disable the spam message using group policies but was wondering if it was possible to just enable the correct security settings permanently.

I still haven't updated to service pack 3, was hoping they would just release another update CD like they did when broadband was first authorized for stakes.

After updating to IE8, the security warnings for me went away. However, I normally use Firefox which has never complained about such things.

#3

JKELogan wrote:I was wondering if anyone found a work around on the Internet Explorer security settings.

Yes, but unfortunately I did not document the settings that were changed. Like Mikerowaved I upgraded the computer that had the IE7 setting changes to IE8 . That upgrade made enough changes to the system, including the registry where changes had been made for IE7, so that I cannot tell if the changes were what I made for IE7 or if they were a result of the IE8 install.

crislapi · #4

jdlessley wrote:Yes, but unfortunately I did not document the settings that were changed. Like Mikerowaved I upgraded the computer that had the IE7 setting changes to IE8 . That upgrade made enough changes to the system, including the registry where changes had been made for IE7, so that I cannot tell if the changes were what I made for IE7 or if they were a result of the IE8 install.

I remember having to change some values in the registry in order to make the options editable. I'm not going to recommend that because one mistake could hose your entire computer. If you really want to remove it, though, google it and you'll find the steps, too. However, the simplest way is to find the folder it is pointing to (it's something like Program Files>Microsoft>IE>Custom or maybe it's under the windows folder - not sure right now) and just change the name of the "custom" folder or delete it completely. The script will no longer exist, and IE will run w/o throwing the security errors.

slmsz20 · #5

crislapi wrote:I remember having to change some values in the registry in order to make the options editable. I'm not going to recommend that because one mistake could hose your entire computer. If you really want to remove it, though, google it and you'll find the steps, too. However, the simplest way is to find the folder it is pointing to (it's something like Program Files>Microsoft>IE>Custom or maybe it's under the windows folder - not sure right now) and just change the name of the "custom" folder or delete it completely. The script will no longer exist, and IE will run w/o throwing the security errors.

The custom folder is the easiest way to fix it. It's found in c:\Program Files\Internet Explorer\Custom. Just remove it to set your own security settings.

I am a fan of 3rd party browsers, but I do like the simplicity of locking down certain settings for Explorer for the Ward/Stake admin computers. My main pet peeve is that the Desktop 5.5 made it overly complicated to update anything; minus one update cd for the broadband connection preparation, there has been no updates released by the central IT department, so most are stuck with what 5.5 came with or they know a little about how windows works and adjusts it themselves.

What really brought my desire to upate was that the Church's own website no longer displays correctly on ie6 (the one installed with 5.5) so I am now updating our stake to 7. I will update to 8 eventually but have no desire for now unless something breaks for 7 until then.

russellhltn · #6

Out of curiosity, has anyone looked to see exactly what the church settings are? I can understand the goal of getting rid of annoying messages. However, I'm concerned that we might be "throwing out the baby with the bathwater" if we simply default the settings. Are any of the church's settings more restrictive than default, and therefore should be kept?

slmsz20 · #7

Minus the website restricted settings, (which you can leave in place) the default church settings leave a lot of holes open. So the default settings are actually more secure than the church settings.

RussellHltn wrote:Out of curiosity, has anyone looked to see exactly what the church settings are? I can understand the goal of getting rid of annoying messages. However, I'm concerned that we might be "throwing out the baby with the bathwater" if we simply default the settings. Are any of the church's settings more restrictive than default, and therefore should be kept?