none
MBSA 2.3 Internet Explorer is not restricted (Server Core)

    Question

  • Hi...

    I ran the MBSA 2.3 against a Server 2012 Hyper-V Core installation and the MBSA 2.3 report shoes 'The use of Internet Explorer is not restricted for administrators on this server.'

    This seems like a false-positive. I don't believe Internet Explorer is installed on my Server 2012 Core installation. Is there a way to prevent this error from being listed?

    Thanks,

    Brett

    Monday, June 22, 2015 3:07 PM

All replies

  • I can reproduce this same message when running MBSA (2.3) against a Windows Hyper-V Server 2012 R2.  

    IE Enhanced Security Configuration for Administrators
    The use of Internet Explorer is not restricted for administrators on this server.
    What was scanned                How to correct this
    Check failed (non-critical)
    IE Enhanced Security Configuration for Non-Administrators
    The use of Internet Explorer is not restricted for non-administrators on this server.
    What was scanned                How to correct this

    This false positive is very annoying because we have to explain management / customers / compliancy consultants why this is incorrect stated.


    You know you're an engineer when you have no life and can prove it mathematically

    • Proposed as answer by AlvinZA Wednesday, November 11, 2015 9:33 AM
    • Unproposed as answer by AlvinZA Wednesday, November 11, 2015 9:34 AM
    Tuesday, October 06, 2015 2:24 PM
  • To get rid of the error try disabling IE ESC from the Server Manager control panel.

    1. Start Server Manager.

    2. Select Local Server on the left.

    3. On the right find the IE Enhanced Security Configuration setting.

    4. In the IE Enhanced Security Configuration dialog change both values to on.

    5. Re-run MBSA.

    This works on Server 2012 R2 Standard. Not sure if it will work on 2012 Hyper-V.

    -Alvin

    Wednesday, November 11, 2015 9:59 AM