Java permissions - Locked-Down Intranet Zone

Information

This policy setting allows you to manage permissions for Java applets.
If you enable this policy setting, you can choose options from the drop-down box. Custom, to control permissions settings individually.
Low Safety enables applets to perform all operations.
Medium Safety enables applets to run in their sandbox (an area in memory outside of which the program cannot make calls), plus capabilities like scratch space (a safe and secure storage area on the client computer) and user-controlled file I/O.
High Safety enables applets to run in their sandbox. Disable Java to prevent any applets from running.
If you disable this policy setting, Java applets cannot run.
If you do not configure this policy setting, Java applets are disabled.

Solution

Policy Path: Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone
Policy Setting Name: Java permissions

See Also

https://techcommunity.microsoft.com/t5/microsoft-security-baselines/security-baseline-final-for-windows-10-v1809-and-windows-server/ba-p/701082/

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7a.

Plugin: Windows

Control ID: 810f2592c9263c59c22b69752a38e4a178027f6b20986ae725e2693c6d298116