Internet Explorer allows downloading *.exe files without asking

It seems that in the latest 3.14…587 version Internet Explorer Defense+ policy adds *.exe files in the “allowed” list without asking

Where are you looking?

Downloading and Running an executable file are two very different things.

Bad

That could be because Microsoft is in the Trusted Vendor List of CIS and CIS recognizes it as safe and give it access to what it wants.

If you wish to have more control over it, you can open

CIS-Defense±Advanced-Computer Security Policy

Double click IE - Access Rights

Change rules for Disk access and physical memory

Any ways AFAIK IE do alert you before downloading files in normal circumstances unless it is a shrewd malware, so is it really necessary?

Hope this helps

In short:

  • in previous versions whenever I downloaded an exe file (= I clicked on an HTML page to download an exe), Defense+ immediately asked me for a permission
  • with the latest version this doesn’t happen
    Any idea why?

Thanks :-TU