4.4 Low

The Low security level ( ) applies these settings:

• .NET Framework
    Loose XAML: Enable
    XAML browser applications: Enable
    XPS documents: Enable
• .NET Framework-reliant components
    Run components not signed with Authenticode: Disable
    Run components signed with Authenticode: Disable
• ActiveX controls and plug-ins
    Allow previously unused ActiveX controls to run without prompt: Disable
    Allow scriptlets: Disable
    Automatic prompting for ActiveX controls: Disable
    Binary and script behaviors: Enable
    Display video and animation on a webpage that does not use external media player: Disable
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disable
    Initialize and script ActiveX controls not marked as safe: Disable
    Run ActiveX controls and plug-ins: Enable
    Script ActiveX controls marked safe for scripting: Enable
• Downloads
    Automatic prompting for file downloads: Disable
    File download: Enable
    Font download: Enable
• Enable .NET Framework setup: Enable
• Microsoft VM
    Java permissions: High Safety
• Miscellaneous
    Access data sources across domains: Disable
    Allow META REFRESH: Enable
    Allow scripting of Internet Explorer web browser control: Disable
    Allow script initiated windows without size or position contraints: Disable
    Allow webpages to use restricted protocols for content: Prompt
    Allow webpages to open windows without address or status bars: Disable
    Display mixed content: Prompt
    Don't prompt for client certificate selection when no certificates or only one certificate exists: Disable
    Drag and drop or copy and paste files: Enable
    Include local directory path when uploading files to a server: Enable
    Installation of desktop items: Prompt
    Launching applications and unsafe files: Prompt
    Launching programs and files in an IFRAME: Prompt
    Navigate sub-frames across different domains: Disable
    Open files based on content, not file extension: Enable
    Software channel permissions: Medium safety
    Submit non-encrypted form data: Enable
    Use Phising Filter: Enable
    Use Pop-up blocker: Enable
    Userdata persistence: Enable
    Websites in less priviledged content zone can navigate into this zone: Enable
• Scripting
    Active scripting: Enable
    Allow programmatic clipboard access: Prompt
    Allow status bar updates via scripts: Disable
    Allow websites to prompt for information using scripted windows: Disable
    Scripting of Java applets: Enable
• User authentification
    Logon: Automatic logon only in Intranet zone
• Cookies
    Persistent cookies: Enable
    Session cookies: Enable