Certain exploit techniques could allow an attacker to bypass Internet Explorer's Protected Mode and infect systems with malware, according to a new report from Verizon Business.
Protected Mode is used in Windows Vista and Windows 7 as a way of mitigating the risk of infection from browser exploits. The component seeks to verify actions before they are run and alert users to suspicious activity.
However, Verizon Business researchers said in the report (PDF) that an attacker could use so-called 'generic' attack techniques to bypass the Protected Mode controls and remotely infect the system.
The claims are causing researchers to question the value of Protected Mode as a true security protection.
"The fact that a single exploit can be used for the remote exploit and local privilege escalation is central to why this is a significant issue," said Verizon Business.
"Features such as Protected Mode can only be effective if they significantly raise the cost of an attack or reduce the probability of a successful attack."
Verizon Business offers a set of recommendations to help mitigate the risk, advising administrators to run workstations under a user rather than an administrator account, and ensure that third-party tools are not reconfiguring Protected Mode to allow privilege escalation.
The researchers also noted that there are limitations to the vulnerability which could foil some attacks.
"Given the current set of potential ways to bypass Protected Mode by locally escalating from low to medium integrity, it can be concluded that the mechanism currently provides little in the way of reliable protection from remote code execution attacks," the company said.
"However, currently, most malicious code that runs at low integrity will likely fail to persist across reboots, since it will not be aware that it is running at low integrity."
A Microsoft spokesperson told V3.co.uk that the company is aware of the report, but that the issue is not considered to be a software vulnerability.
"In order to use this method, an attacker would first need to be able to exploit an unpatched vulnerability on the target computer," the company said in a statement.
"Protected Mode was designed to help defend against 'elevation of privilege' attacks and to help protect users from malicious downloads by restricting where files can be saved without the user's consent.
"Protected Mode is not a security boundary. It does not provide direct protection, only a chance for a user to verify an action before it happens."
Microsoft is advising users to upgrade to the latest version of Internet Explorer.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago