Earlier this week, Microsoft updated the official Internet Explorer developer blog with an entry on how Internet Explorer 10 has been made to fight off exploits from cyber attackers. But what if a hacker has found a flaw in IE 10 that can be used for malicious purposes? In the newest IE developer blog update, Microsoft's Andy Zeigler writes about how IE 10 can still protect a web surfer's data from such an event.
The new feature is Enhanced Protected Mode, which is basically an evolution from the Protected Mode that was first introduced in 2007 in IE 7 and Windows Vista. Enhanced Protected Mode is designed to keep areas of the operating system out of reach of any exploit that manages to install malware or modify any of your PC's settings.
For example, consider Web-based email. If you want to attach a file from your Documents folder to the email, then Internet Explorer needs permission to access the file and upload it to your email provider. With Enhanced Protected Mode, a “broker process” will grant Internet Explorer temporary access to the file only if you actually click on “Open” on the file upload dialog
While the Metro version of IE 10 will have Enhanced Protected Mode enabled by default, the desktop version of the browser will not, thanks in part to the fact that the desktop version will still support Adobe Flash-based web sites along with other plug-ins. In this case, the Enhanced Protected Mode can be enabled by going to Internet Options, then Advanced, and finally checking the box with Enable Enhanced Protected Mode.
If a desktop IE 10 user then goes to a web site that needs Adobe Flash or another plug-in for the web site to display and work properly, they can disable Enhanced Protected Mode for that particular site.
Image via Microsoft