I have an application that embeds an IE window. In it, the user can potentially surf to any website he/she wants.

I'm launching IE7 using CoCreateInstance and IWebBrowser2. In Vista, this unfortunately creates a non-protected mode IE7 because my application is running in medium IL.

AFAIK, it is not possible to launch protected-mode IE7 by using CoCreateInstance (as opposed to IELaunchURL, which cannot be embedded) unless we're sure the broker process (ieuser.exe) has already been running: PostID=1056857&SiteID=1

How dangerous is it to embed a non-protected IE7? Is non-protected IE7 just as safe (or unsafe) as IE7 in XP or FF in Vista?

I am thinking of embedding non-protected IE7 and disabling a few potentially harmful features such as DLCTL_NO_BEHAVIORS and DLCTL_NO_DLACTIVEXCTLS.