InsultingBozo

I have an application that embeds an IE window. In it, the user can potentially surf to any website he/she wants.

I'm launching IE7 using CoCreateInstance and IWebBrowser2. In Vista, this unfortunately creates a non-protected mode IE7 because my application is running in medium IL.

AFAIK, it is not possible to launch protected-mode IE7 by using CoCreateInstance (as opposed to IELaunchURL, which cannot be embedded) unless we're sure the broker process (ieuser.exe) has already been running:
http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=1056857&SiteID=1

How dangerous is it to embed a non-protected IE7? Is non-protected IE7 just as safe (or unsafe) as IE7 in XP or FF in Vista?

I am thinking of embedding non-protected IE7 and disabling a few potentially harmful features such as DLCTL_NO_BEHAVIORS and DLCTL_NO_DLACTIVEXCTLS.