RE: Error when changing Internet security levels below medium



JT
07-09-2005, 11:03 PM
Ian, I aggree with what you're saying. thanks for the input.

Ramesh, thank you as well for the imput. However, I understand what the KB
article you pointed me to is saying. I understand that the error occurs when
it is below the "recommended" security lever on the slider or the Registry
eqivelant. But the article doesn't say 1) if the error is by design or 2) How
to bypass the "recommended" level if desired. It doesn't evern acknowledge
the error. It just speaks of standard operating procedure.

again, thanks to all for the input.

Justin

Blake
07-09-2005, 11:10 PM
Hey JT. It's by design, and I think it's a great design, It's just too bad
that MS would push things like this out without exposing the settings in the
security center or something so folks who don't have domain policy templates
overwriting them could keep control over their own machines.

That said, here's how you get around it, at least on XP Pro SP2:

1: Start | Run
2: Type regedit in the window and click OK
3. Open the key
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones
4: For each zone that you want to eliminate the warning from:
a. Scroll to the bottom of the list in the right-hand pane and
doubleclick the entry "MinLevel"
b. Replace the current value with 10000, but do _not_ change the radio
button setting from hexidecimal to decimal
c. Click OK
5: Close Regedit.
6: Open Internet Explorer and pick Tools Internet Options
(or open the Security Center in the Windows Control Panel and pick Internet
Options)
7: Choose your security setting as you see fit.

Hope that helps those who don't have time/training to sort it out from the
KB article--which was really useful to me, by the way Ramesh--I searched MS
web site about six ways to Sunday for an article of just that nature before
finding it here in your post. Some KB articles aren't as step-by-step as
others though, so I thought this one could use some simplification.

In any case, I really really strongly recommend setting the Internet zone to
high security, then using the custom button to enable file downloads only,
and using Trusted sites for everything else, because anything less is asking
to get owned, but people are entitled to make their own choices with their
own machines and there's nothing worse than a hunk of silicon that refuses to
do what it's told.

Practice safe Hex, everyone!

-Blake


"JT" wrote:

>
> Ian, I aggree with what you're saying. thanks for the input.
>
> Ramesh, thank you as well for the imput. However, I understand what the KB
> article you pointed me to is saying. I understand that the error occurs when
> it is below the "recommended" security lever on the slider or the Registry
> eqivelant. But the article doesn't say 1) if the error is by design or 2) How
> to bypass the "recommended" level if desired. It doesn't evern acknowledge
> the error. It just speaks of standard operating procedure.
>
> again, thanks to all for the input.
>
> Justin

Blake
07-09-2005, 11:10 PM
Whoops, item 4 should read :

4: For each zone that you want to eliminate the warning from, click on the
zone key (numbered 0 through 4, Internet zone is #3):

and, just for grins, the full list of numbers corresponded to zone names
follows:

0: My Computer (no minlevel setting for this one, so more or less irrelevant
here)
1: Local Intranet
2: Trusted Sites
3: Internet
4: Restricted Sites

That's it then.

-Blake


"Blake" wrote:

> Hey JT. It's by design, and I think it's a great design, It's just too bad
> that MS would push things like this out without exposing the settings in the
> security center or something so folks who don't have domain policy templates
> overwriting them could keep control over their own machines.
>
> That said, here's how you get around it, at least on XP Pro SP2:
>
> 1: Start | Run
> 2: Type regedit in the window and click OK
> 3. Open the key
> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet
> Settings\Zones
> 4: For each zone that you want to eliminate the warning from:
> a. Scroll to the bottom of the list in the right-hand pane and
> doubleclick the entry "MinLevel"
> b. Replace the current value with 10000, but do _not_ change the radio
> button setting from hexidecimal to decimal
> c. Click OK
> 5: Close Regedit.
> 6: Open Internet Explorer and pick Tools Internet Options
> (or open the Security Center in the Windows Control Panel and pick Internet
> Options)
> 7: Choose your security setting as you see fit.
>
> Hope that helps those who don't have time/training to sort it out from the
> KB article--which was really useful to me, by the way Ramesh--I searched MS
> web site about six ways to Sunday for an article of just that nature before
> finding it here in your post. Some KB articles aren't as step-by-step as
> others though, so I thought this one could use some simplification.
>
> In any case, I really really strongly recommend setting the Internet zone to
> high security, then using the custom button to enable file downloads only,
> and using Trusted sites for everything else, because anything less is asking
> to get owned, but people are entitled to make their own choices with their
> own machines and there's nothing worse than a hunk of silicon that refuses to
> do what it's told.
>
> Practice safe Hex, everyone!
>
> -Blake
>
>
> "JT" wrote:
>
> >
> > Ian, I aggree with what you're saying. thanks for the input.
> >
> > Ramesh, thank you as well for the imput. However, I understand what the KB
> > article you pointed me to is saying. I understand that the error occurs when
> > it is below the "recommended" security lever on the slider or the Registry
> > eqivelant. But the article doesn't say 1) if the error is by design or 2) How
> > to bypass the "recommended" level if desired. It doesn't evern acknowledge
> > the error. It just speaks of standard operating procedure.
> >
> > again, thanks to all for the input.
> >
> > Justin

Ramesh, MS-MVP
07-09-2005, 11:10 PM
You're welcome Blake. BTW, the user should be able to select the Custom
Level slider and then alter the individual options as they need. This is
irrespective of MinLevel setting.

--
Ramesh Srinivasan
MS-MVP, Windows Shell

Windows XP Troubleshooting
http://www.winhelponline.com

"Blake" <Blake@discussions.microsoft.com> wrote in message
news:97567D37-AC36-469A-8475-6E7D1202F060@microsoft.com...
> Hey JT. It's by design, and I think it's a great design, It's just too
> bad
> that MS would push things like this out without exposing the settings in
> the
> security center or something so folks who don't have domain policy
> templates
> overwriting them could keep control over their own machines.
>
> That said, here's how you get around it, at least on XP Pro SP2:
>
> 1: Start | Run
> 2: Type regedit in the window and click OK
> 3. Open the key
> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet
> Settings\Zones
> 4: For each zone that you want to eliminate the warning from:
> a. Scroll to the bottom of the list in the right-hand pane and
> doubleclick the entry "MinLevel"
> b. Replace the current value with 10000, but do _not_ change the radio
> button setting from hexidecimal to decimal
> c. Click OK
> 5: Close Regedit.
> 6: Open Internet Explorer and pick Tools Internet Options
> (or open the Security Center in the Windows Control Panel and pick
> Internet
> Options)
> 7: Choose your security setting as you see fit.
>
> Hope that helps those who don't have time/training to sort it out from the
> KB article--which was really useful to me, by the way Ramesh--I searched
> MS
> web site about six ways to Sunday for an article of just that nature
> before
> finding it here in your post. Some KB articles aren't as step-by-step as
> others though, so I thought this one could use some simplification.
>
> In any case, I really really strongly recommend setting the Internet zone
> to
> high security, then using the custom button to enable file downloads only,
> and using Trusted sites for everything else, because anything less is
> asking
> to get owned, but people are entitled to make their own choices with their
> own machines and there's nothing worse than a hunk of silicon that refuses
> to
> do what it's told.
>
> Practice safe Hex, everyone!
>
> -Blake
>
>
> "JT" wrote:
>
>>
>> Ian, I aggree with what you're saying. thanks for the input.
>>
>> Ramesh, thank you as well for the imput. However, I understand what the
>> KB
>> article you pointed me to is saying. I understand that the error occurs
>> when
>> it is below the "recommended" security lever on the slider or the
>> Registry
>> eqivelant. But the article doesn't say 1) if the error is by design or 2)
>> How
>> to bypass the "recommended" level if desired. It doesn't evern
>> acknowledge
>> the error. It just speaks of standard operating procedure.
>>
>> again, thanks to all for the input.
>>
>> Justin

JT
07-09-2005, 11:10 PM
Thanks Blake,
I just ended up repairing the error I was having, instead of adjusting the
security level (Which wasn't reallythe prob to begin with, but I wasn't sure
at the time). I never did end up going through the KB article thoroughly (It
was on my to-do list!) But you made it much easier to fine the means to my
end. I tried it and I will file this away for future use.

Thanks again,
JT


RE: Error when changing Internet security levels below medium