Running IE with SAFER

Michael Howard recently did a two part series on MSDN about browsing the web and reading email safely as an Administrator (part 1 | part 2).  Today he’s got a Quick Start posted on his blog to get IE setup to run with SAFER.  Personally, I prefer the run as normal user route, but if you’ve got to be an admin on your machine, this is certainly a big step up from browsing the web with full administrative rights.

Comments (5)

  1. rx says:

    dont even use explorer, firefox will kill it soon..

  2. treego14 says:

    I think Opera will be the end of Firefox.

  3. Fred says:

    and IE the end of Opera anyway

  4. Keith Brown says:

    The thing that bothers me about Mike’s approach is that it’s subject to all kinds of luring attacks. As an example, unless you’re in a job with JOB_OBJECT_UILIMIT_HANDLES, window messages aren’t secured between processes running in the same window station. What’s to stop the sandboxed application from sending window messages to Explorer? Start | Run | Malicious Code of Your Choice | <enter>.

    I agree with you that running as a non-admin in the first place is the best possible plan. Mike’s trick will be useful until someone discovers the 10 lines of code it takes to get around it.

    Another thing that bothers me is neither the Platform SDK nor Mike’s article discusses the problem wrt the partial trust SAFER levels. I think people might get a false sense of security from this.

  5. Shawn says:

    Like I said, running as a non-admin is my prefered way to go as well 🙂 As to the message attack, Windows people will tell you that the Desktop is the security boundary. In order to do this safely you need to actually run as admin in a seperate desktop.