Process List

Internet Explorer places zone restrictions on each Web page it opens, which are dependent upon the location of the Web page (Internet, Intranet, Local Machine zone, and so on). Web pages on the local computer have the fewest security restrictions and reside in the Local Machine zone.

Local Machine zone security applies to all local files and content. This feature helps to mitigate attacks where the Local Machine zone is used as an attack vector to load malicious HTML code.

If you enable this policy setting and enter a value of 1, Local Machine Zone security applies. If you enter a value of 0, Local Machine Zone security does not apply. If a Value Name is empty or the Value is not 0 or 1, the policy setting is ignored.

Do not enter the Internet Explorer processes in this list: use the related Internet Explorer Processes policy to enable or disable IE processes. If the All Processes policy setting is enabled, the processes configured in this box take precedence over that setting.

If you disable or do not configure this policy setting, the security feature is allowed.

Supported on: At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1
Registry PathSoftware\Policies\Microsoft\Internet Explorer\Main\FeatureControl
Enabled Value1
Disabled Value0

Process List:

Registry PathSoftware\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN
Value Name{number}
Value TypeREG_SZ
Default Value


Administrative Templates (Computers)

Administrative Templates (Users)