Geoff Chappell - Software Analyst
CreateProtectedModeRegistry
Sets low integrity for registry keys needed by Internet Explorer in Protected
Mode.
Declaration
HRESULT CreateProtectedModeRegistry (VOID);
Return Value
The function returns zero for success, else an error code.
Behaviour
If not running on Windows Vista or higher, the function fails (returning
S_FALSE). Otherwise, the function sets low integrity
for each of the applicable registry keys (see below). Failure for any one does not
cause the function to skip any others, but does cause the function to fail (returning
E_FAIL). The applicable registry keys are:
- HKEY_CURRENT_USER\Software\AppDataLow
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\5.0\LowCache
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IntelliForms
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\ToolbarWebBrowser
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Favorites
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PageSetup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet
Settings\Passport\LowDAMap
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet
Settings\Wpad (version 8.0 and higher)
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\LowRegistry
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Zoom
(version 8.0 and higher)
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic
(version 8.0 and higher)
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IETld\LowMic
(version 8.0 and higher)
To set a low integrity level for a registry key, the function creates the key,
asking for KEY_WRITE and WRITE_OWNER
access rights, and calls the
SetRegistryKeyIntegrityLevel
function with the particular SID that is represented by LW in the Security Descriptor
Definition Language.
Availability
The CreateProtectedModeRegistry function is exported
from IERTUTIL as ordinal 33 in version 7.0 and higher.