Internet Explorer Protected Mode And Vista Support

Every online business is now competing to capture the most strategic real estate of the Internetusers’ browsers. Placing your branded toolbar in user’s browsers has become a vital part of your Web site strategy.

Other functional benefits of toolbar customization are as follows:

For easy navigation of websites.
For easy navigation of search keywords.
For keeping the bookmarks of the websites.
For creation of toolbar buttons by dragging and dropping the URLs
For Blocking the Popup
For giving notifications to users for IE Events
For capturing the contents of webpage
For getting the content of RSS Feedsetc.

So bringing you to the latest news on the block is the Internet Explorer’s Protected Mode.
Its certainly a new feature in the Microsoft Vista Operating System, also considered as one of the pieces of the User Account Control (UAC). The Protected mode is basically designed to protect the computer by restricting the parts of the system, which can effect the code running in IE. So if a malicious web page exploits a code-injection bug in IE or an IE plug-in, that code will not be able to damage the system.

Vista also introduces you to a new attribute on securable objects called the Mandatory integrity level. This comprises of four levels:

The System level, used by OS components, and should not be used by other applications. High which is the level of processes that are running, elevated with full admin rights. Medium the processes launched in the normal fashion, and the Low used by IE and Windows Mail to provide protected mode.

To further this discussion, Windows stored information about a process also includes which integrity level it was launched with. This level can never change once the process is started, it can only be set at the time the process is created. To make this simple, a process’s integrity level has three main effects such as:

Any securable objects that the process creates get that same integrity level.
The process cannot access a resource whose integrity level is higher than the process’s own level.
The process cannot send window messages to a process that has a higher integrity level.

So if you want to determine, if your extension is running in a protected mode IE process? …. You can use IEIs Protected Mode Process which will return the BOOL Parameter whether protected or not. As good as it gets.

Now, the most obvious question would be .How does VISTA support help in developing a toolbar here?

Most of the plug-ins need Registry and/or File system access for reading and/or writing operations, these operations can be done without problem when Internet Explorer Protected mode is Disable.
The challenge here lies is when the protected mode is enabled. An extension can only write to a few directories under the user’s profile. There are special low-integrity directories under the TEMP, Temporary Internet Files, Cookies, and Favorites directories that are writable. Internet explorer also has some compatibility shims, which virtualizes other commonly-used directories. The Write operations to those directories are redirected to a subdirectory of Temporary Internet Files. If an extension tries to write to a sensitive location, like the Windows directory, that operation will fail.

The Developers however need to use VISTA SDK for getting the File system Writable Location, for downloading any files OR for doing any File system operations.

To start with, VISTA SDK can be downloaded at

If your wondering, How to Enable / Disable Internet explorer Protected Mode? You can simply open the Control panel from your Windows Login User account settings; you will see the optional mode to turn the User Account Control on or off. From this screen you can easily disable the Internet Explorer Protected mode, making sure that the Use User Account Control (UAC) to help Protect your computer option is unchecked. You need to remember to restart you PC once this setting is changed to proceed. Simple, isnt it?

Leave a Reply