Internet Explorer 10's Enhanced Protected Mode described

Earlier this week, Microsoft updated the official Internet Explorer developer blog with an entry on how Internet Explorer 10 has been made to fight off exploits from cyber attackers. But what if a hacker has found a flaw in IE 10 that can be used for malicious purposes? In the newest IE developer blog update, Microsoft's Andy Zeigler writes about how IE 10 can still protect a web surfer's data from such an event.

The new feature is Enhanced Protected Mode, which is basically an evolution from the Protected Mode that was first introduced in 2007 in IE 7 and Windows Vista. Enhanced Protected Mode is designed to keep areas of the operating system out of reach of any exploit that manages to install malware or modify any of your PC's settings.

Zeigler writes:

For example, consider Web-based email. If you want to attach a file from your Documents folder to the email, then Internet Explorer needs permission to access the file and upload it to your email provider. With Enhanced Protected Mode, a “broker process” will grant Internet Explorer temporary access to the file only if you actually click on “Open” on the file upload dialog

While the Metro version of IE 10 will have Enhanced Protected Mode enabled by default, the desktop version of the browser will not, thanks in part to the fact that the desktop version will still support Adobe Flash-based web sites along with other plug-ins. In this case, the Enhanced Protected Mode can be enabled by going to Internet Options, then Advanced, and finally checking the box with Enable Enhanced Protected Mode.

If a desktop IE 10 user then goes to a web site that needs Adobe Flash or another plug-in for the web site to display and work properly, they can disable Enhanced Protected Mode for that particular site.

Image via Microsoft

Report a problem with article
Previous Story

Battlestar Galactica shows up in Microsoft Surface 2.0 app

Next Story

Google to start offering real answers to search results

12 Comments

Commenting is disabled on this article.

awesome. with WOA tablets not allowing other browsers to be in the desktop, IE's marketshare will shoot to the sky which makes it very important that they take security seriously

LostInNull said,
No-one uses internet explorer anymore , nobody cares
Chrome is safest and fastest browser.

you 'liked' your own comment. More ppl use IE than all the other competing browsers combined If am not wrong

LostInNull said,
No-one uses internet explorer anymore , nobody cares
Chrome is safest and fastest browser.

how YOU are deciding that 'No-one' uses.
I use it, even chrome is faster. call it fanboysm or whatever.

I try to stay as much as away from Google and I want my internet life not to be tracked as much as possible

LostInNull said,
No-one uses internet explorer anymore , nobody cares
Chrome is safest and fastest browser.

This is how I read it: "No one listens to classical music anymore, nobody cares.
Justin bieber is the best singer."

Ignorant comment is ignorant.

LostInNull said,
No-one uses internet explorer anymore , nobody cares
Chrome is safest and fastest browser.

Chrome for Windows has a sandbox which is mostly based on Vista/IE7's sandbox design, plus some NT authorization restrictions.

IE10/metro is much more secure than Google Chrome:
-the new sandbox provides a better isolation (more features are blocked: interprocess communication, socket connections to localhost, ...)
-IE10 uses newer memory protection techniques than Google chrome.

An MS employee told me a few months ago that he expects that Google Chrome will use IE10 sandbox on Windows 8, because it is more reliable than the IE7/current Chrome sandbox.

And concerning speed, hardware acceleration is still broken and mostly disabled by default on chrome. And on real world websites, even scrolling is slow on Google Chrome on low end computers, whereas it is very smooth with IE.

LostInNull said,
No-one uses internet explorer anymore , nobody cares
Chrome is safest and fastest browser.

Another case of person who wants to be considered cool because he's saying something negative about IE. Your brain is lost in null.

link8506 said,

Chrome for Windows has a sandbox which is mostly based on Vista/IE7's sandbox design, plus some NT authorization restrictions.

IE10/metro is much more secure than Google Chrome:
-the new sandbox provides a better isolation (more features are blocked: interprocess communication, socket connections to localhost, ...)
-IE10 uses newer memory protection techniques than Google chrome.

An MS employee told me a few months ago that he expects that Google Chrome will use IE10 sandbox on Windows 8, because it is more reliable than the IE7/current Chrome sandbox.

And concerning speed, hardware acceleration is still broken and mostly disabled by default on chrome. And on real world websites, even scrolling is slow on Google Chrome on low end computers, whereas it is very smooth with IE.


And again its going to take a year before any other browser matches or comes close to IE. When IE8 was released, it took almost a year (maybe even 1,5) before anyone ever broke through the sandboxing. All other 'exploits' where usually confined within the browser untill you closed it.
Even today, IE9 beats chrome on many aspects, one of which is speed. Chrome has a little faster javascript renderer, but javascript is in general less then 20% of the loading timeof a webpage. Even on just the display of graphics itself, IE9 is ALLOT faster then chrome. To beat this, Chrome is going to trick by starting to load sites while you still type the address? oh wow
IE gets so much hatred for nothing, even IE6 was at time of release, the browser that came closest to W3C(allot of which got changed after release of IE6) standards compared to Opera and Netscape/Mozilla at the time.