I came across a fascinating article on Windows Vista and the Internet Explorer “Protected Mode.” It seems that, even with User Account Control (UAC) enabled, a low-integrity process like IE can manage to grab the handle of a higher-integrity process and potentially inject code into it, compromising the system. Here’s the link to the article.

The key is that you have to be running as a non-elevated Administrator (i.e., the Vista default for stand-alone installations). This is different from running as a Vista “Standard” user. Standard users are truly limited in that they are logged in at a medium integrity level and have no way of elevating their level (for example, to run a high-integrity process) without first entering credentials for a separate, Administrator-level account. This separate Administrator account is then used to launch the process on behalf of the Standard user, effectively creating a barrier between the system and any process created by the Standard user.

By contrast, non-elevated Administrators are still members of the Administrators group but are artificially logged in at medium integrity. To elevate their access they first go through the UAC elevation prompt, after which they’re allowed to start the requested process at their native high-integrity level. This distinction is important since it directly affects the level of security afforded by the two operating modes. When running in either mode you see the “Protected Mode: On” message at the bottom of the IE window.
However, unless you’re running as a Standard User, this visual cue can engender a false sense of security, since a non-elevated Administrator account can still be compromised using the aforementioned injection technique.

Bottom Line: To properly lock down Vista you need to eliminate all non-elevated Administrator accounts and force everyone to use the Standard User model. Microsoft is supposedly working on a fix for this issue and will ship it as part of Service Pack 1. Until then, be smart and ditch that default non-elevated account.
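A check for the distinction drawn above, as an added example that is not from the original post or the linked article: it classifies saved `whoami /groups /fo csv` output by whether BUILTIN\Administrators is absent, deny-only, or enabled, and reads the integrity level from the mandatory-label SID. The host names and sample output are constructed, and English-locale attribute text is assumed.

```python
import csv
import io

ADMINS_SID = "S-1-5-32-544"  # well-known SID of BUILTIN\Administrators
INTEGRITY = {"S-1-16-4096": "low", "S-1-16-8192": "medium",
             "S-1-16-12288": "high", "S-1-16-16384": "system"}
ON = "Mandatory group, Enabled by default, Enabled group"
HEADER = '"Group Name","Type","SID","Attributes"\n'

def classify(whoami_csv):
    """Return (account kind, integrity level) for one token's group list."""
    level, admin_attrs = "unknown", None
    for row in csv.DictReader(io.StringIO(whoami_csv)):
        sid = row["SID"].strip()
        if sid in INTEGRITY:
            level = INTEGRITY[sid]
        elif sid == ADMINS_SID:
            admin_attrs = row["Attributes"].lower()
    if admin_attrs is None:
        kind = "standard user"               # not in Administrators at all
    elif "deny only" in admin_attrs:
        kind = "non-elevated administrator"  # UAC-filtered token
    else:
        kind = "elevated administrator"      # full token
    return kind, level

def needs_remediation(samples):
    """Hosts whose logged-on account is not a true Standard user."""
    return sorted(h for h, text in samples.items()
                  if classify(text)[0] != "standard user")

# Constructed sample output, one entry per hypothetical workstation.
SAMPLES = {
    "ws-01": HEADER
        + '"BUILTIN\\Administrators","Alias","S-1-5-32-544","Group used for deny only"\n'
        + f'"BUILTIN\\Users","Alias","S-1-5-32-545","{ON}"\n'
        + f'"Mandatory Label\\Medium Mandatory Level","Label","S-1-16-8192","{ON}"\n',
    "ws-02": HEADER
        + f'"BUILTIN\\Users","Alias","S-1-5-32-545","{ON}"\n'
        + f'"Mandatory Label\\Medium Mandatory Level","Label","S-1-16-8192","{ON}"\n',
    "ws-03": HEADER
        + f'"BUILTIN\\Administrators","Alias","S-1-5-32-544","{ON}, Group owner"\n'
        + f'"Mandatory Label\\High Mandatory Level","Label","S-1-16-12288","{ON}"\n',
}

if __name__ == "__main__":
    for host in sorted(SAMPLES):
        print(host, *classify(SAMPLES[host]))
    print("review:", needs_remediation(SAMPLES))
```

Both ws-01 and ws-02 report medium integrity, which is why the integrity level alone does not separate the two operating modes; the deny-only Administrators entry does.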