Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Resources
Documents
Publishers
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Microsoft Internet Explorer 11 Security Technical Implementation Guide
SRG-APP-000516
.NET Framework-reliant components not signed with Authenticode must be disallowed to run (Internet zone).
.NET Framework-reliant components not signed with Authenticode must be disallowed to run (Internet zone).
An XCCDF Rule
Details
Profiles
Prose
.NET Framework-reliant components not signed with Authenticode must be disallowed to run (Internet zone).
Medium Severity
Unsigned components are more likely to contain malicious code and it is more difficult to determine the author of the application - therefore they should be avoided if possible. This policy setting allows you to manage whether .NET Framework components that are not signed with Authenticode can be executed from Internet Explorer. These components include managed controls referenced from an object tag and managed executables referenced from a link. If you enable this policy setting, Internet Explorer will execute unsigned managed components. If you select "Prompt" in the drop-down box, Internet Explorer will prompt the user to determine whether to execute unsigned managed components. If you disable this policy setting, Internet Explorer will not execute unsigned managed components. If you do not configure this policy setting, Internet Explorer will not execute unsigned managed components.