Protected mode for IE7 but under Windows XP?

From what I've read and because Microsoft announced it as such,
protected mode for IE7 is supposedly only usable when it is ran under
Windows Vista. However, I just found a policy setting for protected
mode (which describes it similarly to how it behaves under Vista) when I
was digging around on Windows XP.

Run the group policy editor (gpedit.msc) and go to User Configuration ->
Administrative Templates -> Windows Components -> Internet Explorer ->
Internet Control Panel -> Security Page. From what I've read, this is
where the option exists in Vista in Internet Options on its Security tab
to enable protected mode. Each security zone is listed under this
policy key and within each is the "Turn on Protected Mode" option.

So if protected mode in IE7 is not available under Windows XP, why is
the security policy listed for IE7 under Windows XP? From one of
Microsoft's help articles, "In Protected Mode, Internet Explorer 7 in
Windows Vista cannot modify user or system files and settings without
user consent." So if I wanted to test if protected mode was effected to
IE7 after being enabled via policy setting but under Windows XP, how
would I test? I don't use Vista so I'm not sure under what conditions
protected mode would result in a prompt from IE7 (that wouldn't already
be a prompt from IE7 in non-protected mode).

I'm not sure that I even want protected mode (if it's just more prompts
to the user) but I got curious why there would be a policy setting under
Windows XP when all the articles say it is only effective under Vista.

Hello,

IE7 on XP and Vista is based on the same code base. This is the reason why
you may find some protected mode settings also under XP, but which are not
in effect under XP since protected mode is based on new security features
that are only available in Vista (and later).

Best regards,

Viktor Krammer
--
http://www.quero.at/
The New Web Experience

Viktor Krammer wrote:

> IE7 on XP and Vista is based on the same code base. This is the reason why
> you may find some protected mode settings also under XP, but which are not
> in effect under XP since protected mode is based on new security features
> that are only available in Vista (and later).

I was wondering if the install of IE7 was what created this policy
settings. Seems silly, however, to establish policy settings in a
version of Windows that cannot be effected. Obviously the install could
detect that it was not Vista under which IE7 was being installed and
simply not add those policy settings.

Thanks for the reply.

"VanguardLH" <V@nguard.LH> wrote in message news:get5s8$upd$1@registered.motzarella.org...
> Viktor Krammer wrote:
>
>> IE7 on XP and Vista is based on the same code base. This is the reason why
>> you may find some protected mode settings also under XP, but which are not
>> in effect under XP since protected mode is based on new security features
>> that are only available in Vista (and later).
>
> I was wondering if the install of IE7 was what created this policy
> settings. Seems silly, however, to establish policy settings in a
> version of Windows that cannot be effected. Obviously the install could
> detect that it was not Vista under which IE7 was being installed and
> simply not add those policy settings.


I think the same sort of thing started happening in IE6sp2 regarding "hardening"
E.g apparently that mostly applies to Windows Server 2003.


<TITLE>What Is Internet Explorer Maintenance Extension?: Group Policy</TITLE>
http://technet.microsoft.com/en-us/l.../cc728150.aspx

(Live Search for
"internet explorer" hardening site:microsoft.com
)

<quotes>
Updated: March 28, 2003

Internet Explorer Enhanced Security Configuration, also known as Microsoft Internet Explorer Hardening,
reduces a server's vulnerability to attacks from Web content by applying more restrictive Internet Explorer security settings.

You can deploy Internet Explorer Enhanced Security Configuration settings to target computers
through Internet Explorer Maintenance only if Internet Explorer Enhanced Security Configuration
is enabled on the target computer. This is because the Internet Explorer Maintenance CSE stores
these settings on the target computer in the equivalent registry location from where they were imported.

Those registry keys are read only by Windows Server 2003 because it is currently
the only operating system that supports Internet Explorer Hardening.
</quotes>


---