New
#1
How to whitelist which websites can be opened in IE 11 from admin act.
I'm looking for a solution for a small business. Due to some proprietary software that they have (required to service their hardware) the following had to be done on this Windows 7 Pro installation:
- Turn off UAC
- Log in as administrator
So there's no way around the stipulations above.
I'm looking for a solution to restrict which web sites a user can visit. Kind of like white-listing. The only web browser installed on that system is IE 11. Users are restricted from installing any software via local group policies.
The only users on that desktop are two women in their 60's that will not try to do "bad things" on purpose. They did not grow up with computers, so they are struggling to understand basic online security principles.
My goal is to prevent them from going to any web sites that can exploit a zero-day vulnerability in IE, or in some way harm the computer. I can't just block the internet, because their job requires going to some specific websites to retrieve reports, as well as to Amazon.com for occasional business-related purchase. Disabling JavaScript unfortunately wouldn't work because it is required in the web sites that they have to use.
PS1. I tried to enable family safety in IE settings, but unfortunately it refused to work as I had to log in to that account as administrator.
PS2. Here's what happened this month. One of the women called me up and told me that she can't close a web site. When I came over she had IE open on some strange page that had a popup saying that computer is infected. Closing the popup didn't make it go away. Moreover, trying to terminate IE with the Task Manager did not work. There were two copies running side by side, so when I killed one, the other one restarted it. (The only way to kill it was possible by using Sysinternal's tool Procexp by suspending both IE processes.) After that, I could see that there were some changes done to IE, and namely downloading files no longer worked and caused an error, which was not happening before.
After this incident I immediately cleared the temp files as well as IE cache and ran all system files via Virus Total scan. I did not find any infections.
When asked what caused that popup the woman said that she went to Google and searched for a product to buy at Home Depot. After that she clicked the first item on top of the Google search and got this popup. Like I said, the user was quite computer-illiterate for me to instruct her any further or to expect a different behavior. Thus my intentions to whitelist websites in the web browser.