Q. What applications are configured to take advantage of the enhanced download security built into Internet Explorer for Windows XP SP2?

Internet Explorer 6, and Internet Explorer 7, for Windows XP SP2, will automatically block downloads that do not require user interaction, unless you have disabled the Automatic prompting for file downloads option, and provides more protection against downloaded executable files by checking for a digital signature on files that can be digitally signed, like .exe, .dll, .cab, .ocx, and .msi files.

NOTE: When a Web site attempts to download a file that did not result from a user action, like a key press or mouse click, the download is blocked and an Information Bar prompts you with:

To help protect your security, Internet Explorer blocked this site from downloading files to a computer. Click here for more options.

Internet Explorer and Windows Explorer automatically take advantage of these tighter restrictions on file downloads. Other applications can be configured to do so also.

I have scripted FEATURE_RESTRICT_FILEDOWNLOAD.BAT to list the applications that have been configured to take advantage of the tighter restrictions on file downloads.

The syntax for using FEATURE_RESTRICT_FILEDOWNLOAD.BAT is:

[call] FEATURE_RESTRICT_FILEDOWNLOAD

FEATURE_RESTRICT_FILEDOWNLOAD.BAT contains:

@echo offsetlocal EnableDelayedExpansionif exist "%TEMP%FEATURE_RESTRICT_FILEDOWNLOAD.TMP" del /f /q "%TEMP%FEATURE_RESTRICT_FILEDOWNLOAD.TMP" set App=NONEset key="HKLMSOFTWAREMicrosoftInternet ExplorerMainFeatureControlFEATURE_RESTRICT_FILEDOWNLOAD"set f1=FIND /i "REG_DWORD"set f2=FIND /i "0x1"call :quiet >nul 2>&1if exist "%TEMP%FEATURE_RESTRICT_FILEDOWNLOAD.TMP" type "%TEMP%FEATURE_RESTRICT_FILEDOWNLOAD.TMP" if exist "%TEMP%FEATURE_RESTRICT_FILEDOWNLOAD.TMP" del /f /q "%TEMP%FEATURE_RESTRICT_FILEDOWNLOAD.TMP" set key="HKCUSOFTWAREMicrosoftInternet ExplorerMainFeatureControlFEATURE_RESTRICT_FILEDOWNLOAD"call :quiet >nul 2>&1if exist "%TEMP%FEATURE_RESTRICT_FILEDOWNLOAD.TMP" type "%TEMP%FEATURE_RESTRICT_FILEDOWNLOAD.TMP" if exist "%TEMP%FEATURE_RESTRICT_FILEDOWNLOAD.TMP" del /f /q "%TEMP%FEATURE_RESTRICT_FILEDOWNLOAD.TMP" endlocalgoto :EOF:quietfor /f "Tokens=1" %%a in ('reg query %key%^|%f1%^|%f2%') do ( set App=%%a @echo !App!>>"%TEMP%FEATURE_RESTRICT_FILEDOWNLOAD.TMP")