Thursday, August 19, 2010


Internet Explorer In Protected Mode | How It Works And Its Benefits

Microsoft Internet Explorer Protected Mode, which runs only on Microsoft Windows Vista / Windows Seven, is part of the continuing emphasis on improved browser security in Internet Explorer. Protected Mode helps reduce the severity of threats to both Internet Explorer and extensions running on Internet Explorer by eliminating the ability to silently install malicious code through software vulnerabilities.

How To Turn On And Off Protected Mode In IE [Assuming you are using IE7 Or IE 8 In Windows Vista Or Windows 7]
Protected Mode in IE7/IE8 requires UAC be fully enabled in addition to the setting in Internet Explorer being enabled. Since UAC is typically disabled by Windows Vista users, that's an important point to consider.
  • Click tools
  • Internet options
  • Security
  • Check the Enable Protected Mode box.
  • It will tell you it requires restarting Internet Explorer.
Internet Explorer Protected Mode is one of several new features available from Windows Vista to help keep users safe. Available only to users running Internet Explorer  7 or 8 in Windows Vista / Windows Seven Enterprise and Windows Vista  / Windows Seven Ultimate, Protected Mode provides new levels of security and data protection for users of Microsoft Windows. Designed to defend against elevation-of-privilege attacks, Protected Mode provides the safety of a robust Internet browsing experience while helping to prevent hackers from taking over the browser and running code through the use of administrator rights.

Protected Mode is an important step forward in security for Internet Explorer. A defense-in-depth feature, it is meant to back up and support many other security features. The Windows security infrastructure allows Protected Mode to provide Internet Explorer with the rights needed to browse the Web while withholding rights needed to silently install programs or modify sensitive system data. Internet Explorer Protected Mode helps protect against malicious downloads by restricting the ability to write to any local machine zone resources other than temporary Internet files.

When users run programs by using limited user rights, they are safer from attack than when they run programs by using administrator rights because Windows can restrict the malicious code from taking damaging actions. This additional defense helps verify that scripted actions or automatic processes cannot download data outside the low-rights directories such as the Temporary Internet Files folder.
Although Protected Mode does not protect against all forms of attack, it significantly reduces the ability of an attack to write, alter, or destroy data on the user's computer or to install malicious code.
How It Works
In Windows Vista / Seven, Internet Explorer 7 / 8 runs in Protected Mode, which helps protect users from attack by running the Internet Explorer process with greatly restricted rights. In Protected Mode, Internet Explorer runs with reduced rights to help prevent user or system files or settings from changing without the user’s explicit permission. This Windows Vista/Seven–only feature limits Internet Explorer to just enough rights for users to browse the Web, but not enough to modify their files or settings—which helps keep their computers safe from Web-based attacks.

The new browser architecture introduces a broker process that helps to enable existing applications to elevate out of Protected Mode in a more secure way. The broker process mediates between the Internet Explorer browser and the operating system and cannot be scripted to act without user input, thereby reducing the likelihood of unwanted software downloads or installation. The highly restrictive broker process prohibits workarounds from bypassing Protected Mode. Any scripted actions or automatic processes cannot download data or affect the system.

Writing to the Windows registry or other locations requires the broker process to have the necessary elevated rights. Protected Mode also offers tabbed browsing security by opening new windows—rather than new tabs—for content contained outside the current security zone.

Protected Mode uses the integrity mechanisms of Windows Vista, which restrict access to processes, files, and registry keys with higher integrity levels. The Protected Mode application programming interface (API) enables software vendors to develop extensions and add-ins for Internet Explorer that can interact with the file system and registry from a low-integrity process, such as Internet Explorer Protected Mode. It takes advantage of the Windows Vista integrity mechanisms and User Interface Privilege Isolation (UIPI) to block interaction between Internet Explorer and higher-integrity applications’ system resources.

Integrity levels restrict write access to securable objects by processes, much the same way that user account groups can be used to restrict the rights of users to access sensitive system components.
Protected Mode also includes compatibility features that allow most extensions to continue running unaffected and provide affected extensions with feasible implementation options. Customers can confirm compatibility of their key applications and Protected Mode and Internet Explorer 7 / 8 by using an updated version of the Application Compatibility Toolkit that Microsoft Windows XP SP2 includes.


About bench3 -

Haja Peer Mohamed H, Software Engineer by profession, Author, Founder and CEO of "bench3" you can connect with me on Twitter , Facebook and also onGoogle+

Subscribe to this Blog via Email :


Write comments
May 28, 2013 at 2:49 PM delete

Thanks for the good writeup. It in reality was a leisure account it.
Glance advanced to far brought agreeable from you! By the way, how could we be in contact?

Also visit my page :: Cheap Louis Vuitton Bags