Windows 8 and 8.1 Forums

Enhanced Protected Mode

  1. #1

    Every release of Internet Explorer includes new security enhancements to help keep you safe as you browse the Internet. The new Enhanced Protected Mode in Internet Explorer 10 helps keep your data safe even if an attacker has exploited a vulnerability in the browser or one of its add-ons.
    There is no single thing that can keep you secure by itself, so we pursue multiple strategies, including:
    Protection from socially-engineered attacks

    There are a variety of miscreants that want to steal your personal information or take over your computer by impersonating Web sites that you trust. SmartScreen Filter provides the best protection available against malware attacks and phishing. In Windows 8, this protection was added to the Windows Shell, to help keep you safe from malware no matter how it was downloaded.
    Protection from attacks designed to exploit vulnerabilities in Web sites

    “Good” Web sites can have security vulnerabilities that can allow evil Web sites to steal your data or perform actions as if they were you. We protect you with the XSS Filter, which automatically prevents certain types of attacks, and make it easier for Web sites to secure themselves with Declarative Security features, like IE10’s new support for the HTML5 Sandbox.
    Protection against attacks designed to exploit the browser or operating system

    Automatic updating ensures that you have the latest updates installed. This protects you against security issues that have been fixed. IE9 added memory protection features to make it harder to exploit certain types of vulnerabilities and we enhanced these features in IE10. We also added a new layer of protection in IE10 called Enhanced Protected Mode.
    Enhanced Protected Mode

    Protected Mode, which was added in IE7 for Windows Vista, is a defense-in-depth feature that helps prevent attackers from installing software or modifying system settings if they manage to run exploit code. It is an extra layer of protection that locks down parts of your system that your browser ordinarily doesn’t need to use. For example, your browser doesn’t usually need to modify system settings or write to your Documents folder. Protected Mode is based on the principle of least privilege -- by reducing the capabilities that Internet Explorer has, the capabilities available to exploit code are reduced as well.
    “Enhanced” Protected Mode takes this concept further by restricting additional capabilities. Below is a list of some of the new ways that Enhanced Protected Mode helps keep you safe:
    64-bit processes

    Most PCs shipped in the last few years have 64-bit CPUs, and many have a 64-bit version of Windows installed. “64-bit” is usually thought of as a way to extend the amount of memory that a program on your computer can use: because 64-bit processors use 64-bit memory addresses instead of 32-bit ones, a program can “address,” or use, more memory if it’s available.
    A 32-bit number is large – it’s a little more than 4 billion. A 64-bit address is a much larger number – roughly 18 pentillion and change (18,446,744,073,709,551,616). Not only does a 64-bit number let you address more memory, it also makes existing memory protection features such as ASLR (Address Space Layout Randomization) much more effective. Heap spray attacks, which are used by attackers to plant malicious code at predictable locations, become much more difficult because it isn’t practical to “fill up” a 64-bit address space – you’ll run out of memory and disk space long before any sizable fraction of the address space is sprayed.
    Protecting your personal information

    When you run a program, it has access to anything on the computer that you have access to, including your personal documents. Enhanced Protected Mode restricts Internet Explorer from locations that contain your personal information until you grant permission to it. This helps prevent exploit code from accessing your personal information without your permission.
    For example, consider Web-based email. If you want to attach a file from your Documents folder to the email, then Internet Explorer needs permission to access the file and upload it to your email provider. With Enhanced Protected Mode, a “broker process” will grant Internet Explorer temporary access to the file only if you actually click on “Open” on the file upload dialog:
    Notice that there are no extra prompts. Brokering is done automatically after you choose to open a file. This is like providing a single safe deposit box to Internet Explorer when requested, instead of giving access to the entire safe all of the time.
    Protecting your corporate assets

    Most corporate networks, or “intranets,” contain valuable information that must be protected from attackers. Enhanced Protected Mode restricts an exploit’s ability to access corporate network resources in three ways. First, Internet tab processes, which are where untrusted Internet pages load, do not have access to a user’s domain credentials. Second, they cannot operate as local webservers, which makes it more difficult to impersonate an Intranet site. Third, Internet tabs cannot make connections to intranet servers.

    Default Settings and Compatibility

    Metro style Internet Explorer always runs with Enhanced Protected Mode enabled – there isn’t anything that you need to configure – just browse. Because Metro style Internet Explorer offers plug-in free browsing, the compatibility impact of this security feature is minimal.
    Many add-ons, such as Adobe Flash and certain toolbars, are not yet compatible with Enhanced Protected Mode. Some Web sites still require Adobe Flash in order to work, and some users enjoy the additional functionality offered by some toolbars. In Windows 8 Beta, Enhanced Protected Mode can be enabled in the desktop under Internet Options->Advanced:
    After you enable Enhanced Protected Mode, incompatible add-ons will automatically be disabled. If you encounter a site that needs an add-on such as Flash in order to work, you can disable Enhanced Protected Mode just for that particular Web site.
    This allows you to continue using the site, and have Enhanced Protected Mode enabled on the rest of the Internet. Keep in mind that you should only do this if you know and trust the Web site.
    Of course, if you prefer to browse without add-ons, you can always turn on ActiveX Filtering, which will prevent you from seeing this prompt.

    Defense-in-depth is an area of continual investment for the Windows team. It’s a widely-applied principle in the real world as well. Safety deposit boxes have locks on them. But they are also kept inside of a locked room, inside of a bank, which is locked and is armed with an advanced security system. Enhanced Protected Mode is another layer of protection that helps protect your data from malicious attackers.
    —Andy Zeigler, Senior Program Manager, Internet Explorer


    See also: Enhanced Mitigation Experience Toolkit (EMET) - Windows 7 Help Forums
    Last edited by Brink; 16 Feb 2014 at 12:03. Reason: addition
