Enhanced Protection Mode

Enhanced Protection Mode is a new feature within Windows 8.  It is enabled by default with the Metro version of Internet Explorer 10, and can be enabled manually with the desktop version.

enhanced_protected_mode_1

Enhanced Protection Mode offers some additional features compared to the original Protected Mode introduced with Vista.  If the OS version and CPU support is available, all tabs processes are ran as 64-bit.  This helps with technologies such as Address Space Layout Randomization.  Enhanced Protection Mode restricts IE from locations that contain personal information until permission is granted.  Tab processes (which is where untrusted Internet pages load) do not have access to a user’s domain credentials, as well as some other options such as tab processes cannot operate as local webservers.

The desktop version of IE 10 with Windows 8 will use 32-bit tab processes by default if Enhanced Protection Mode is not enabled.  Metro IE uses EPM by default, so tab processes will be 64-bit with compatible hardware and operating system. 

If a plug-in does not offer support with the desktop version of IE 10 when EPM is enabled, a notification bar should appear near the bottom of the screen.

enhanced_protected_mode_2