View the security misconfiguration catalog
  • Misconfiguration Name
  • Software without valid signature are allowed to run or install through internet explorer
  • Description
  • Disable "Allow software to run or install even if the signature is invalid", since this setting allows software and file downloads to be installed or executed by the user even if the signature is invalid. An invalid signature might indicate that someone has tampered with the file.
  • Severity
  • Moderate
  • Category
  • Internet Explorer Hardening
  • Resolution
  • Follow the below steps in GPO to resolve the misconfiguration. The policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Internet Explorer -> Internet Control Panel -> Advanced Page -> "Allow software to run or install even if the signature is invalid" will be set to “Disabled”.
  • Does remediation require reboot?
  • No