Skip to main content

Posts

Showing posts from March, 2008

Internet Explorer 7 Protected-mode vs Firefox

I'm sure you all have herd that Vista and Windows 2008 come with a different type of Internet explorer, called Protected-Mode (PE). It's available only for those 2 operating-systems not because Microsft wants to force you to upgrade from XP (well, they probably do) but it's simply impossible to run PE IE7 without the integrity mechanisms we talked about earlier . Windows no longer sees IE just like an ordinary application. It is an untrusted application; and there's some sound logic behind that, considering the fact that you generally download the malware installer and also, several exploits target IE7. So, instead of running IE with the integrity the user is assigned, it runs with LOW integrity, meaning it cannot modify any objects that are Medium or above. That restriction gives it only a few places it can write to: %userprofile%\AppData\Local\Microsoft\Windows\Temporary Internet Files\ Low %userprofile%\AppData\Local\Temp\ Low %userprofile%\AppData\Roaming\Microsoft\