IsProtectedModeEnabledForIE

Determines if protected mode would be enabled if the current process were a browser process.

Declaration

BOOL IsProtectedModeEnabledForIE (VOID); 

Return Value

The function returns TRUE or FALSE according to whether protected mode is or is not enabled.

Behaviour

This function’s question is evaluated just the once. If the function has been called before, it returns whatever it knows from the first execution.

If not running on Windows Vista or higher, then protected mode is not available and the function returns FALSE.

Version 8.0 allows protected mode to be disabled in the registry, through the following value in any of four keys listed below in order of decreasing precedence:

If this value has non-zero data, then protected mode is not enabled and the function returns FALSE.

Version 8.0 also provides for executing Internet Explorer in a single-process environment whose details are presently beyond the scope of this note. In this environment, protected mode is not enabled and the function returns FALSE.

If User Account Control is enabled (see IEStubIsLuaEnabled), then protected mode is generally enabled, but is disabled for elevated processes (see IsElevatedProcess).

Without User Account Control, protected mode is generally disabled, but can be enabled through the registry if the current process executes for the built-in administrator:

If the data is exactly 1, then protected mode is enabled. (The value’s name appears to mean Least-Privilege User Account Off but Low Rights Internet Explorer On.) To the function, a user is the built-in administrator if the corresponding SID’s last subauthority is DOMAIN_USER_RID_ADMIN, as for S-1-5-32-500.

Availability

The IsProtectedModeEnabledForIE function is exported from IERTUTIL as ordinal 43 in version 7.0 and higher.

Contrast this function with IsProtectedModeEnabled, which test first that the current process actually is a browser process.