none
[SOLVED] List of Valid dword Values for IE add-ons RRS feed

  • Question

  • Is there any documentation that covers the possible dword values for toolbars, extensions - add-ons in general?

    When tracking IE registry changes while disabling add-ons we noticed it updates, at least, two values

    • HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{GUID}\Flags - 00000001
    • HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{GUID}\Flags - 00000004

    We know that '00000001' equates to 'disabled'

    • What does '00000004' equate to?
    • What are the other possible values?
    • Are the flag dword values for Settings different from Stats?  (e.g.: is 00000001 still disabled or is that not valid for Stats? etc.)

    What brought this up?  Historically we disabled Java add-ons via registry based on observed registry modifications when the add-on was disabled in IE.  We are aware of Oracle's new Java control panel applet that allows you to disable Java with a simple click.  It also seems to make a registry change (not sure if its case sensitive but string value & value data are all lowercase):

    • HKCU\Software\AppDataLow\Software\JavaSoft\DeploymentProperties\deployment.webjava.enabled = false

    • Edited by JuliusPIV Tuesday, January 15, 2013 6:25 PM
    Monday, January 14, 2013 5:36 PM

Answers

  • Hi,

    wrong forum.... unfortunately there is no MSDN documentation describing the dword values meanings for the Addons manager. the MSDN IE Extension development forum (links above) would be the appropriate forum to ask.

    download and run procmon.exe from sysinternals.com and monitor the values of the above keys when you disable/enable the addon from the IE addons manager to work out what the values and keys mean.

    the oracle java switch HKCU\Software\AppDataLow\Software\JavaSoft\DeploymentProperties\deployment.webjava.enabled = false is for their software (see also Start>Control Panel>Java ) and is independent for the registry values maintained by the IE addons manager.

    You can also use GPO to stop any Addon from being loaded in an IEFrame service if you know its GUID..... double click on an item in the Addons manager to display its Properties dialog which has the GUID value for you to copy and paste.

    Regards.


    Rob^_^

    • Proposed as answer by 网游 - wang'you Tuesday, January 15, 2013 1:47 AM
    • Marked as answer by JuliusPIV Tuesday, January 15, 2013 11:58 AM
    Tuesday, January 15, 2013 1:47 AM

All replies

  • Hi,

    wrong forum.... unfortunately there is no MSDN documentation describing the dword values meanings for the Addons manager. the MSDN IE Extension development forum (links above) would be the appropriate forum to ask.

    download and run procmon.exe from sysinternals.com and monitor the values of the above keys when you disable/enable the addon from the IE addons manager to work out what the values and keys mean.

    the oracle java switch HKCU\Software\AppDataLow\Software\JavaSoft\DeploymentProperties\deployment.webjava.enabled = false is for their software (see also Start>Control Panel>Java ) and is independent for the registry values maintained by the IE addons manager.

    You can also use GPO to stop any Addon from being loaded in an IEFrame service if you know its GUID..... double click on an item in the Addons manager to display its Properties dialog which has the GUID value for you to copy and paste.

    Regards.


    Rob^_^

    • Proposed as answer by 网游 - wang'you Tuesday, January 15, 2013 1:47 AM
    • Marked as answer by JuliusPIV Tuesday, January 15, 2013 11:58 AM
    Tuesday, January 15, 2013 1:47 AM
  • Thanks for the response IECUSTOMIZER!

    I'm aware that the Java registry key I included " is independent for the registry values maintained by the IE addons manager."  I included it because there are now, at least, two ways to disable Java: via IE add-ons manager and via Java itself.  With all the Java vulnerabilities over the years, I thought it might be useful should anyone stumble across this forum.

    Real bummer that there's no documentation.  I found some articles that were a few years old stating the same thing but I had hoped things had changed since then.  Ohh well.

    For now, I know what I need to disable Java and I'll continue to monitor registry changes when disabling specific add-ons and pushing out registry changes.

    Cheers!

    Tuesday, January 15, 2013 11:57 AM
  • Yes... there is considerable security chatter about java RT vulnerabilities at the moment... on corporate domains you can use the IE Security zones to limit Java RT applets to run in your Intranet zone domains only or if you have B2B websites that rely on them you can add those sites to your Trusted Sites list...

    As with many security advisory these days.... they apply to 'specially crafted web pages'... for your intranet sites and trusted sites (which are commercial in nature, and where you have reasonable expectations about the integrity of the networks they run under), you could have a reasonable expectation that they are safe to use.... and use the GPO security zone templates to limit their use to only those intranet or trusted domains in the GPO lists.

    Again, this is where the granular design of the IE Security Model is advantageous in the corporate network environment.

    Java RT is commonly used/exploited in Computer Games... Heaven forbid your employees are playing computer games on the bosses dimes?

    the values of some registry keys is not publicly published/disclosed for a number of reasons... firstly that they are not considered to be of interest to the public (need to know basis) or secondly for security reasons.... the sysinternal tools allows developers to get under the hood in detail... A reasonable understanding of windows is required, but eventually you can work things out, even if the official documentation is lacking.

    Regards.


    Rob^_^

    Wednesday, January 16, 2013 12:09 AM