Brain Dump: Shims, Detours, and other “magic”

Note: The “brain dump” series is akin to what the support.microsoft.com team calls “Fast Publish” articles—namely, things that are published quickly, without the usual level of polish, triple-checking, etc. I expect that these posts will contain errors, but I also expect them to be mostly correct. I’m writing these up this way now because they’ve…

8

Understanding Enhanced Protected Mode

Last week, Andy Zeigler announced the introduction of Enhanced Protected Mode (EPM) over on the IEBlog. In today’s post, I’d like to provide further technical details about EPM to help security researchers, IT professionals, enthusiasts, and developers better understand how this feature works and what impact it may have on scenarios they care about. Internet…

53

Default Integrity Level and Automation

Over on StackOverflow, danimajo asked for help in an interesting scenario. Basically, he’s trying to drive Internet Explorer through automation, but finds that when he navigates to an Intranet site, the hidden browser instance appears and he can no longer control it. What’s going on? Background on Protected Mode Internet Explorer’s Protected Mode is a…

18

Understanding Protocols

For over a decade, Internet Explorer has enabled developers to extend the browser with new URL protocol schemes. These protocols can be one of two types: Asynchronous Pluggable Protocols – COM objects that implement the IInternetProtocolRoot interface and return content to URLMon, usually for rendering content inside of Internet Explorer or Web Browser controls Application…

6

Beware Cookie Sharing in Cross-Zone Scenarios

Note: I mentioned this problem before (Troubleshooting Login Cookies #3) but it was buried in a long post and this is an issue that lots of folks inside Microsoft hit, so I’m pulling it out into its own post. The Problem From time to time, various users have complained to the IE team that they’re…

7

Writing Files from Low-Integrity Processes

Internet Explorer 7 introduced Protected Mode, which uses Windows’ Integrity Controls feature to help prevent the contamination of the system with data that originates from the Internet. As a part of this feature, Internet Explorer now maintains two stores for the Temporary Internet Files and two Cookie Jars to store the user’s cookies. For each,…

4

Understanding the Protected Mode Elevation Dialog

Internet Explorer 7 introduced Protected Mode, a feature which helps ensure that the browser and its add-ons run with a minimal set of permissions. Code running inside the “Low Rights” process doesn’t have permission to write to your user-profile’s folders or registry keys, which helps to constrain the damage if a bad guy manages to…

10

Why Won’t IE Remember My Login Info?

Over on the Microsoft Answers forum, some folks have reported that Internet Explorer doesn’t remember their login details. This is a tricky problem to troubleshoot because there are a number of different problems which get lumped together under this description, and there are a number of different causes for each problem. Let’s break down the…

102

User Account Control in Windows 7

It isn’t directly related to Internet Explorer, but Mark Russinovich’s Inside Windows7 User Account Control article over on TechNet provides an illuminating explanation of why UAC isn’t a security boundary, but why it helps protect against malware anyway. For IE8 on Win7, the change is that if the system detects that an ActiveX control install…

0