Block Automatic Delivery of IE 10

(imported topic written by jnichols91)

Can we get this added? I see there are fixlets for blocking IE 8 and IE 9 delivery and IE 10 is due very soon.

http://www.microsoft.com/en-us/download/details.aspx?id=36512

Thanks!

1 Like

(imported comment written by jnichols91)

Any update on this? IE 10 for Windows 7 was released today (download only, not on Windows Update yet).

(imported comment written by SystemAdmin)

I also am interested in this, we have some locations that can’t even go IE9 so the jobs to block automatic delivery are very helpful.

Thanks for the consideration.

Tom

(imported comment written by SystemAdmin)

I created my own task to ease the fears of my management team that were concerned about the rollout

Relevance: Win 7 machines that do not have the registry value

(version of client >= “6.0.0.0”) AND ((exists true whose (if true then ((exists (operating system) whose (it as string as lowercase contains “Win7” as lowercase))) else false)) AND (exists true whose (if true then (not exists key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Setup\10.0” whose (value “DoNotAllowIE10” of it as integer = 1) of registry) else false)))

Action: Sets registry value

regset "

http://HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Setup\10.0

" “DoNotAllowIE10”=dword:00000001

(imported comment written by SystemAdmin)

the action should be as follows (not sure what happened with copy and paste in previous post)

regset "

http://HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Setup\10.0

" “DoNotAllowIE10”=dword:00000001

(imported comment written by SystemAdmin)

must be an issue with the content of the action

should be "

prior to the HKEY and a

between the 10.0 and "

(imported comment written by SystemAdmin)

I give up on the brackets, obviously an issue with the board and I cant edit my post. You should get the general idea. Sorry for the multiple posts

(imported comment written by SystemAdmin)

As usual, 64bit systems have to be treated a little differently.

The TEM client, being 32bit, wants to update the HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Setup\10.0 key with the

regset

command.

Is there any way to get around this? I’ve tried

rundetached 
"C:\Windows\system32\reg.exe" ADD 
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Setup\10.0" /v DoNotAllowIE10 /t REG_DWORD /d 1 /f

and it still get’s executed in the 32bit application space and ends up under Wow6432Node.

(imported comment written by SystemAdmin)

I suppose it helps to read the documentation.

regset64

seems to be the answer here.

if 
{x64 of Operating System
} regset64 
"[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Setup\10.0]" 
"DoNotAllowIE10"=dword:00000001 

else regset 
"[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Setup\10.0]" 
"DoNotAllowIE10"=dword:00000001 endif

(imported comment written by TerryWeiChao)

Content in the Patches for Windows (English) has been modified:

New Fixlet Messages:

Block Automatic Delivery of IE 10 - Windows 7 SP1 (ID: 578)

Block Automatic Delivery of IE 10 - Windows 7 SP1/2008 R2 SP1 (x64) (ID: 580)

Unblock Automatic Delivery of IE 10 - Windows 7 SP1/2008 R2 SP1 (x64) (ID: 582)

Unblock Automatic Delivery of IE 10 - Windows 7 SP1 (ID: 581)3)

Reason for Update:

Microsoft has released Toolkit to Disable Automatic Delivery of Internet Explorer 10

Actions to Take:

None

Published site version:

Patches for Windows (English), version 1740

Additional links:

None

Application Engineering Team

Tivoli Endpoint Manager