"If you are using Windows Vista, the Internet Explorer 7 protected mode provides additional protections against web-based attacks."In a very timely manner, Sharath Udupa, a developer on the IE team, explained how to tell if the Protected Mode feature is turned on or off for Internet Explorer in Windows Vista. (Note that the Protected Mode feature is available only in Windows Vista.) By default, Protected Mode is enabled for Internet, Intranet and Restricted zones while disabled for the Trusted Sites and Local Machine zone.
Sharath explains that at times the text in the status bar may indicated “Protected Mode: Off” even when the Internet Options dialog indicates that Protected Mode is enabled. Following are a few exceptions that could potentially turn off Protected Mode:
- User Account Control (UAC) is disabled – If UAC is disabled, Protected Mode is turned OFF. When UAC is disabled, some of the protections which Protected Mode depends on are not available, for example, UI Privilege Isolation (UIPI) is disabled. Hence, Protected Mode is turned off in this scenario.
- IE is running with Administrator privileges – Protected Mode is turned off when IE is launched by right clicking on the IE icon and selecting “Run as administrator” or when IE is launched with administrative privileges from another application. This generally occurs when an installer/setup program running with administrator privileges starts a new IE process.
- IE is navigated to a local HTML page – When the page being viewed is a local file, Protected Mode is turned OFF since the contents of the page are considered safe. Caveat: If the page was saved from a zone (for example Internet) which has Protected Mode enabled, then Protected Mode is turned ON.
See the illustration and follow the comments in Protected Mode for IE7 in Windows Vista - Is it On or Off?
Should you need to reference this information again, I've added the link to the Internet Explorer 7 page in Windows Vista Bookmarks.
No comments:
Post a Comment