I never understood how Internet Explorer Enhanced Security Configuration for Windows Server 2003 improves security. It is always a risk to surf the Internet on a productive server. I guess there are not many sysops out there who do this. Sometimes, however, you want to download a driver or an update on a server. Usually you do this from reliable sources, and then Internet Explorer just keeps bugging you to add the site to the Trusted sites zone. What sense does this make? If you don't trust the site you shouldn't access it at all, especially not from a server. What extra security will it bring if I add it to a list of trusted sites?

If you only need to access the web every now and then from a server or if you are working on a test server, then you can disable Internet Explorer Enhanced Security Configuration. The funny thing is that the documentation doesn't say how to disable it. I guess that shall bring some extra security. I also didn't find a way to turn it off in the IE configuration. It seems one has to uninstall it: Go to Control Panel, then Add or Remove Programs, then to Windows Components.

Subscribe to 4sysops newsletter!

If you have to access web sites regularly from a server, I recommend using another browser. Don't use Firefox for this purpose either. This web browser is too popular now and has probably as many security holes as IE. When it comes to security, my choice is Opera.

10 Comments
  1. Sumith Jacob Chacko 14 years ago

    As you mentioned, there are no tips in the documentation to turn off this feature. All my lookups on the web too seems to be in vain..

    This feature is really driving me crazy.. But uninstalling the feature has costed me a SharePoint crash in the past..

  2. dvsteven 14 years ago

    Thanks for the insight.... I couldn't turn off the darned enhanced features (but didn't think this was effecting my Excel Services), but it was. Thanks for the help.

  3. Arthur 13 years ago

    open control panel
    select add remove programs
    uncheck internet explorer enhanced sucirty

  4. Ivan Versluis 12 years ago

    Hi Michael,

    Today I created a script to disable this feature which enabled by default on Windows Server 2003.

    http://www.networknet.nl/apps/wp/archives/874

    I don't like to redo thing over and over again. Windows Server 2003 will be in production for a while.

  5. Ivan, thanks! This "security feature" gets on my nerves at least once a week.

  6. Gautham 12 years ago

    Try this:
    disable IE enhanced security[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}]"IsInstalled"=dword:00000000

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}]"IsInstalled"=dword:00000000
    Need to reboot the machine

  7. Todd 11 years ago

    Control Panel > Add Remove Programs > Windows Components and uncheck the box for IE Enhanced Security Config

  8. david stevens 10 years ago

    I'm trying to disable this enhanced security feature on the terminal services server where my users log on remotely.
    Having disabled it as detailed above (thanks Guys!) I now can't "Explore" at all. IE opens but I get a warning message telling me that Enhanced security is disabled and telling me how to enable it. It finishes by telling me to go to server manager to change settings. Problem is I don't have "Server Manager" neither is servermanager.msc found.
    All help gratefully received.

    manythanks

  9. Jason 10 years ago

    Thanks for the quick tip - I always forget how to do this and you came up first in google way to go. thanks, jason

Leave a reply

Please enclose code in pre tags

Your email address will not be published. Required fields are marked *

*

© 4sysops 2006 - 2022

CONTACT US

Please ask IT administration questions in the forums. Any other messages are welcome.

Sending

Log in with your credentials

or    

Forgot your details?

Create Account