Details

This policy setting determines whether a page can control embedded WebBrowser controls via script.

If you enable this policy setting, script access to the WebBrowser control is allowed.

If you disable this policy setting, script access to the WebBrowser control is not allowed.

If you do not configure this policy setting, the user can enable or disable script access to the WebBrowser control. By default, script access to the WebBrowser control is allowed only in the Local Machine and Intranet zones.

Solution

Policy Path: Windows ComponentsInternet ExplorerInternet Control PanelSecurity PageRestricted Sites Zone
Policy Setting Name: Allow scripting of Internet Explorer WebBrowser controls

Supportive Information

The following resource is also helpful.

• https://techcommunity.microsoft.com/t5/microsoft-security-baselines/security-baseline-final-for-windows-10-v1909-and-windows-server/ba-p/1023093

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Windows.

References

• 800-53|CM-7a.

Source

• Tenable.com/audits