Java is a unique form of extensibility because it can be invoked in two ways:
- By using an applet (http://msdn.microsoft.com/en-us/library/ms535183(v=vs.85).aspx) element
- By using an object (http://msdn.microsoft.com/en-us/library/ms535859(v=vs.85).aspx) element that has a CLSID of a Java Virtual Machine (JVM)
These two invocation methods are subject to different security controls. This Knowledge Base Article contains instructions to configure these two security controls through the registry.
Customers can disable Java by setting kill bits for the Java CLSIDs and by setting the URL action to Disable.
Important
This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
322756 (http://support.microsoft.com/kb/322756/) How to back up and restore the registry in Windows
To set the kill bit for CLSIDs with values of {8AD9C840-044E-11D1-B3E9-00805F499D93}, {CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}, {CAFEEFAC-0017-0001-FFFF-ABCDEFFEDCBA}, {CAFEEFAC-0017-0002-FFFF-ABCDEFFEDCBA}, {CAFEEFAC-0017-0003-FFFF-ABCDEFFEDCBA}, {CAFEEFAC-0017-0004-FFFF-ABCDEFFEDCBA}, {CAFEEFAC-0017-0005-FFFF-ABCDEFFEDCBA}, {CAFEEFAC-0017-0006-FFFF-ABCDEFFEDCBA}, and {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}, paste the following text into a text file by using a text editor such as Notepad. Then, save the file by using the .reg file name extension:
Windows Registry Editor Version 5.00
; First set the URLAction to control APPLET behavior
; Zone 3 is the Internet zone
; 1C00 is the Java invocation policy
; dword:00000000 sets the policy to disable
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
"1C00"=dword:00000000
; Then set the Internet Explorer kill bit to block OBJECT tag invocation
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{8AD9C840-044E-11D1-B3E9-00805F499D93}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{8AD9C840-044E-11D1-B3E9-00805F499D93}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-0017-0001-FFFF-ABCDEFFEDCBA}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-0017-0001-FFFF-ABCDEFFEDCBA}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-0017-0002-FFFF-ABCDEFFEDCBA}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-0017-0002-FFFF-ABCDEFFEDCBA}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-0017-0003-FFFF-ABCDEFFEDCBA}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-0017-0003-FFFF-ABCDEFFEDCBA}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-0017-0004-FFFF-ABCDEFFEDCBA}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-0017-0004-FFFF-ABCDEFFEDCBA}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-0017-0005-FFFF-ABCDEFFEDCBA}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-0017-0005-FFFF-ABCDEFFEDCBA}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-0017-0006-FFFF-ABCDEFFEDCBA}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-0017-0006-FFFF-ABCDEFFEDCBA}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}]
"Compatibility Flags"=dword:00000400
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}]
"Compatibility Flags"=dword:00000400
Double-click this .reg file to apply it to individual systems. You can also apply it across domains by using Group Policy. For more information about Group Policy, see the following TechNet article:
Note: You must restart Internet Explorer for the changes to take effect.
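To confirm that both controls described above are in effect after the import, the following added example (not part of the original article) reads back the kill bit for every CLSID listed here in both registry views, and the Internet zone URL action. It assumes PowerShell 3.0 or later, a 64-bit session on 64-bit Windows, and that it runs as the user whose zone setting is being checked.

```powershell
# Added audit example, not from the KB article. Read-only: it changes nothing.
$KillBit = 0x400    # "Compatibility Flags" value the .reg file sets
$clsids = @(
    '{8AD9C840-044E-11D1-B3E9-00805F499D93}'
    '{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}'
    '{CAFEEFAC-0017-0001-FFFF-ABCDEFFEDCBA}'
    '{CAFEEFAC-0017-0002-FFFF-ABCDEFFEDCBA}'
    '{CAFEEFAC-0017-0003-FFFF-ABCDEFFEDCBA}'
    '{CAFEEFAC-0017-0004-FFFF-ABCDEFFEDCBA}'
    '{CAFEEFAC-0017-0005-FFFF-ABCDEFFEDCBA}'
    '{CAFEEFAC-0017-0006-FFFF-ABCDEFFEDCBA}'
    '{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}'
)
# Native view, plus the 32-bit view when it exists (64-bit Windows only).
$roots = @('HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility')
if (Test-Path -LiteralPath 'HKLM:\SOFTWARE\Wow6432Node') {
    $roots += 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
}

# One result row per CLSID per view; a missing key or value counts as "not set".
$killBits = foreach ($root in $roots) {
    foreach ($clsid in $clsids) {
        $key   = "$root\$clsid"
        $flags = (Get-ItemProperty -LiteralPath $key -ErrorAction SilentlyContinue).'Compatibility Flags'
        [pscustomobject]@{
            Key   = $key
            Flags = if ($null -ne $flags) { '0x{0:X8}' -f $flags } else { 'missing' }
            Set   = ($null -ne $flags) -and (($flags -band $KillBit) -eq $KillBit)
        }
    }
}

# URL action 1C00 in zone 3 (Internet): 0 disables Java invoked through APPLET.
$zone3 = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'
$java  = (Get-ItemProperty -LiteralPath $zone3 -ErrorAction SilentlyContinue).'1C00'

# Report only the gaps, then a one-line summary for each control.
$missing = @($killBits | Where-Object { -not $_.Set })
$missing | Format-Table -AutoSize Key, Flags
'Kill bits set: {0} of {1}' -f ($killBits.Count - $missing.Count), $killBits.Count
if ($null -eq $java) {
    'URL action 1C00 (zone 3): not set'
} else {
    'URL action 1C00 (zone 3): 0x{0:X8} (disabled: {1})' -f $java, ($java -eq 0)
}
```

The kill bits live under HKEY_LOCAL_MACHINE and apply to every account on the machine, but the 1C00 value is written under HKEY_CURRENT_USER, so importing the .reg file sets it only for the account that performed the import.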
How to undo the changes
Delete the registry entries that were added when you implemented this change.
For more information about kill bits, see Microsoft Knowledge Base Article 240797 (http://support.microsoft.com/kb/240797): How to stop an ActiveX control from running in Internet Explorer.
For more information about Internet Explorer URL Action, see Microsoft TechNet Article Internet Explorer URL Action and Advanced Security Settings in Group Policy (http://technet.microsoft.com/en-us/library/cc783259(v=WS.10).aspx).
Article ID: 2751647 - Last Review: August 30, 2012 - Revision: 1.0
Applies to
- Windows Internet Explorer 9, when used with:
- Windows Server 2008 R2 Datacenter
- Windows Server 2008 R2 Enterprise
- Windows Server 2008 R2 Standard
- Windows Web Server 2008 R2
- Windows 7 Enterprise
- Windows 7 Home Basic
- Windows 7 Home Premium
- Windows 7 Professional
- Windows 7 Ultimate
- Windows Server 2008 for Itanium-Based Systems
- Windows Server 2008 Datacenter
- Windows Server 2008 Enterprise
- Windows Server 2008 Standard
- Windows Web Server 2008
- Windows Vista Business
- Windows Vista Enterprise
- Windows Vista Home Basic
- Windows Vista Home Premium
- Windows Vista Ultimate
- Windows Vista Enterprise 64-bit Edition
- Windows Vista Home Basic 64-bit Edition
- Windows Vista Home Premium 64-bit Edition
- Windows Vista Ultimate 64-bit Edition
- Windows Vista Business 64-bit Edition
- Windows Internet Explorer 8, when used with:
- Windows Server 2008 R2 Datacenter
- Windows Server 2008 R2 Enterprise
- Windows Server 2008 R2 Standard
- Windows Web Server 2008 R2
- Windows 7 Enterprise
- Windows 7 Home Basic
- Windows 7 Home Premium
- Windows 7 Professional
- Windows 7 Ultimate
- Windows Server 2008 for Itanium-Based Systems
- Windows Server 2008 Datacenter
- Windows Server 2008 Enterprise
- Windows Server 2008 Standard
- Windows Web Server 2008
- Windows Vista Business
- Windows Vista Enterprise
- Windows Vista Home Basic
- Windows Vista Home Premium
- Windows Vista Ultimate
- Windows Vista Enterprise 64-bit Edition
- Windows Vista Home Basic 64-bit Edition
- Windows Vista Home Premium 64-bit Edition
- Windows Vista Ultimate 64-bit Edition
- Windows Vista Business 64-bit Edition
- Microsoft Windows XP Professional
- Microsoft Windows XP Home Edition
- Microsoft Windows XP Professional x64 Edition
- Microsoft Windows Server 2003, Datacenter x64 Edition
- Microsoft Windows Server 2003, Enterprise x64 Edition
- Microsoft Windows Server 2003, Standard x64 Edition
- Microsoft Windows Server 2003, Web Edition
- Microsoft Windows Server 2003, Standard Edition (32-bit x86)
- Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
- Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
- Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
- Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
- Windows Internet Explorer 7, when used with:
- Windows Server 2008 for Itanium-Based Systems
- Windows Server 2008 Datacenter
- Windows Server 2008 Enterprise
- Windows Server 2008 Standard
- Windows Web Server 2008
- Windows Vista Business
- Windows Vista Enterprise
- Windows Vista Home Basic
- Windows Vista Home Premium
- Windows Vista Ultimate
- Windows Vista Enterprise 64-bit Edition
- Windows Vista Home Basic 64-bit Edition
- Windows Vista Home Premium 64-bit Edition
- Windows Vista Ultimate 64-bit Edition
- Windows Vista Business 64-bit Edition
- Microsoft Windows XP Professional
- Microsoft Windows XP Home Edition
- Microsoft Windows XP Professional x64 Edition
- Microsoft Windows Server 2003, Datacenter x64 Edition
- Microsoft Windows Server 2003, Enterprise x64 Edition
- Microsoft Windows Server 2003, Standard x64 Edition
- Microsoft Windows Server 2003, Web Edition
- Microsoft Windows Server 2003, Standard Edition (32-bit x86)
- Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
- Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
- Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
- Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
- Microsoft Internet Explorer 6.0, when used with:
- Microsoft Windows XP Professional
- Microsoft Windows XP Home Edition
- Microsoft Windows XP Professional x64 Edition
- Microsoft Windows Server 2003, Datacenter x64 Edition
- Microsoft Windows Server 2003, Enterprise x64 Edition
- Microsoft Windows Server 2003, Standard x64 Edition
- Microsoft Windows Server 2003, Web Edition
- Microsoft Windows Server 2003, Standard Edition (32-bit x86)
- Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
- Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
- Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
- Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems