Internet Explorer® under Windows® Vista has an additional mode, other than the normal user and administrator rights as in former Windows® versions.
Internet-facing applications such as browsers are inherently at a higher security risk than other applications because they can download untrustworthy content from unknown sources. IE7’s Protected Mode leverage's Windows Vista’s UAC, MIC and UIPI features to boost browser security. In IE7’s Protected Mode - which is the default in other than the Trusted security zone - the IE process runs with Low rights, even if the logged-in user is an administrator. Since add-ons to IE such as ActiveX controls and toolbars run within the IE process, those add-ons run Low as well. The idea behind Protected Mode IE is that even if an attacker somehow defeated every defense mechanism and gained control of the IE process and got it to run some arbitrary code, that code would be severely limited in what it could do. Almost all of the file system and registry would be off limits to it for writing, reducing the ability of an exploit to modify the system or harm user files. The code wouldn't have enough privileges to install software, put files in the user's Startup folder, hijack browser settings, or other nastiness.
In Protected Mode IE writes⁄reads special Low versions of the cache, TEMP folder, Cookies and History.
Index Reader can read automatically the index.dat files in the Low mode folders. To enable this mode only this option 'Use protected mode' must be clicked. If the other location is not opened immediately restart the program.
CAUTION: If the protected mode has never been used on a machine, the low folder is generated but the index.dat is missing. In this case, an error message is displayed:
