+ Post New Thread
Results 1 to 7 of 7
Windows Thread, Internet Explorer 7 in Technical; Hi Sorry if this has been posted elsewhere i tried searching IE7 and Internet Explorer 7 but i havn't found ...
  1. #1
    tomscaper's Avatar
    Join Date
    Jul 2006
    Posts
    814
    Thank Post
    118
    Thanked 29 Times in 15 Posts
    Rep Power
    22

    Internet Explorer 7

    Hi

    Sorry if this has been posted elsewhere i tried searching IE7 and Internet Explorer 7 but i havn't found anything yet.

    We have just recently deployed IE7 around school, and i have recently noticed that the students are able to click on any exe, msi or any addons, and install them.

    Would it be possible to have a look at anyones group policy settings to see if i have missed anything when i was locking it down.

    Currently students cannot save files they click on but they are still able to run them directly.

    I have been able to block exe and msi from our proxy but previously with IE6 the students were unable to download and run any files through internet explorer, but other file types will still be able to run.

  2. #2

    ZeroHour's Avatar
    Join Date
    Dec 2005
    Location
    Edinburgh, Scotland
    Posts
    5,699
    Thank Post
    950
    Thanked 1,355 Times in 828 Posts
    Blog Entries
    1
    Rep Power
    451
    Ahh this gotcha, its not IE7 related specifically as IE6 could run downloads too.
    Try adding a file execution policy block on:
    C:\Documents and Settings\*\Local Settings\Temporary Internet Files
    as thats the location that "run" exe's etc are actually run from.

  3. #3

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,266
    Thank Post
    242
    Thanked 1,575 Times in 1,254 Posts
    Rep Power
    341
    I agree this is an Internet Explorer behaviour and there isn't a policy to switch it off unfortunately. It happens in IE5, 6, 7 and 8.

    Zerohour's suggestion is a good one, but I am not sure if this would stop users opening PDFs or Word documents within IE as well?

  4. #4
    tomscaper's Avatar
    Join Date
    Jul 2006
    Posts
    814
    Thank Post
    118
    Thanked 29 Times in 15 Posts
    Rep Power
    22
    Quote Originally Posted by Michael View Post
    I agree this is an Internet Explorer behaviour and there isn't a policy to switch it off unfortunately. It happens in IE5, 6, 7 and 8.

    Zerohour's suggestion is a good one, but I am not sure if this would stop users opening PDFs or Word documents within IE as well?
    Thats my main problem i want to stop specific files but not disable the others that are legitimate, I have been able to set it so that office docs open in there program rather than IE

    I have been looking into this today and i think that something else has been changed as both staff and students can now install from cd.

    Is there a policy with in windows to stop any kind of installtion unless administrator.

  5. #5

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,266
    Thank Post
    242
    Thanked 1,575 Times in 1,254 Posts
    Rep Power
    341
    You could always remove access to D:\ altogether if access to disc drives aren't required. Hiding/restricting access to C:\ should stop most applications installing, but more common 'attempts' should be blocked using Software Restriction Policies.

  6. #6

    ZeroHour's Avatar
    Join Date
    Dec 2005
    Location
    Edinburgh, Scotland
    Posts
    5,699
    Thank Post
    950
    Thanked 1,355 Times in 828 Posts
    Blog Entries
    1
    Rep Power
    451
    Quote Originally Posted by Michael View Post
    Zerohour's suggestion is a good one, but I am not sure if this would stop users opening PDFs or Word documents within IE as well?
    It doesnt block things like that for us. Just the extensions we want like exe's etc.
    PDF can open inside IE or do anything.

  7. #7

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,266
    Thank Post
    242
    Thanked 1,575 Times in 1,254 Posts
    Rep Power
    341
    It doesnt block things like that for us. Just the extensions we want like exe's etc.
    PDF can open inside IE or do anything.
    That's good to know It's never bothered me too much even if users do run exe's, as nothing is displayed due to controlled Desktops/Start Menus. They soon get bored and machines get re-imaged eventually.

SHARE:
+ Post New Thread

Similar Threads

  1. Internet Explorer 8
    By Quackers in forum Windows
    Replies: 28
    Last Post: 20th March 2009, 11:41 AM
  2. Internet Explorer 8 has RTM
    By Michael in forum Windows
    Replies: 10
    Last Post: 24th February 2009, 10:22 AM
  3. Internet Explorer 8
    By tech_guy in forum Windows
    Replies: 6
    Last Post: 27th January 2009, 11:31 AM
  4. Internet Explorer
    By JonR in forum Windows
    Replies: 2
    Last Post: 25th February 2008, 09:14 AM
  5. Can you update Internet mobile to Internet Explorer?
    By thegrassisgreener in forum Windows
    Replies: 1
    Last Post: 16th July 2007, 01:48 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •