When a Web page is opened in Internet Explorer, Internet Explorer puts restrictions on what the page can do, based on where ...

Windows Server 2003

"When a Web page is opened in Internet Explorer, Internet Explorer puts restrictions on what the page can do, based on where that Web page came from: the Internet, a local intranet server, a trusted site, and so on. For example, pages on the Internet have stricter security restrictions than pages on a user's local intranet. Web pages on a user's computer are in the Local Machine security zone, where they have the fewest security restrictions. This makes the Local Machine security zone a prime target for malicious users. Zone Elevation Blocks makes it harder to get code to run in this zone. (As a separate feature, Local Machine Zone Lockdown makes the zone less vulnerable to malicious users by changing its security settings.)

Internet Explorer prevents the overall security context for any link on a page from being higher than the security context of the root URL. This means, for example, that a page in the Internet zone cannot navigate to a page in the Local Intranet zone, except as the result of a user-initiated action. A script, for example, could not cause this navigation. For the purpose of this mitigation, the security context ranking of the zones, from highest security context to lowest, is: Restricted Sites zone, Internet zone, Local Intranet zone, Trusted Sites zone, and Local Machine zone.

Zone Elevation also disables JavaScript navigation if there is no security context.

Settings note: this feature can be turned off or set to prompt by zone in IE security zones settings."

When %s logs onto this computer, should the operating system use the roaming profile or just the locally cached copy of the ... When a block of memory is allotted for future updates, such as the memory allocated to hold discretionary access control ... When a client certificate is presented, these matching rules will be examined in the order in which they appear below. Upon ... When a file or folder is deleted in Windows Explorer, a copy of the file or folder is placed in the Recycle Bin. Using this ... When a Web page is opened in Internet Explorer, Internet Explorer puts restrictions on what the page can do, based on where ... When all the information has been downloaded, the bar will be completely filled and you'll move to the next screen automatically. ... When an object identifier begins with either the number 0 or the number 1, the second number must be in the range of 0 to ... When any of these certificates are presented by a web client and authenticated, the user can automatically be logged in as ... When applications performing periodic searches for domain controllers (DC) are unable to find a DC, the value set in this ...