"Access Denied" when you use some Silverlight applications in Internet Explorer 11 on Windows 8.1

Symptoms

When you access certain Microsoft Silverlight applications in Internet Explorer 11 in Windows 8.1, you receive the Access Denied error message.

Cause

This issue occurs because the websites are set to run in Enhanced Protected Mode (EPM) in Internet Explorer 11 in Windows 8.1.

Note EPM is an important security feature that helps keep Internet Explorer 11 users safe. The feature keep users' data safe, even if an attacker has exploited a vulnerability in the browser or one of its add-ons. Browser add-ons like Microsoft Silverlight are blocked in an EPM browser unless they are updated to be compatible with EPM.

The KB 2932677 MS14-014: Vulnerability in Silverlight could allow security feature bypass: March 11,2014 security update enables Silverlight to be compatible with EPM in desktop mode of Internet Explorer 11. In order to meet EPM security requirements, some Silverlight platform features are blocked. Therefore, when a Silverlight application tries to use the feature, an "Access Denied" error message is received.

The following features are blocked:
  • Audio and video capture
  • Out of Browser application installation
  • Windows Authentication to secure a service used from Silverlight applications
  • PlayReady support
  • Application Storage

Workaround

To restore functionality of blocked features in Silverlight applications, you can disable the EPM feature in desktop mode of Internet Explorer 11:

Warning This resolution may make a computer or a network more vulnerable to attack by malicious users or by malicious software such as viruses. We do not recommend this resolution but are providing this information so that you can implement this resolution at your own discretion. Use this resolution at your own risk:
  1. In Internet Explorer window, press the Alt key, click Tools, then click Internet Options.
  2. On the Advanced tab, click to clear the Enable Enhanced Protected Mode check box under Security.A screenshot of the Enable Enhanced Protected Mode check box.
  3. Click OK.

More Information

By default, all Intranet zone sites are run outside EPM. Therefore, Silverlight applications on an intranet website run as if they were in Compatibility View.
Eigenschaften

Artikelnummer: 2939344 – Letzte Überarbeitung: 27.11.2014 – Revision: 1

Feedback