With Windows Vista, Microsoft includes the latest version of Internet Explorer, IE7. However, on Windows Vista IE7 has some new security options which help make surfing the Web even safer, namely Protected Mode.
Protected Mode is a security measure which relies on Windows Vista's new WIC (Windows Integrity Control) security to control how objects interact with each other. By default, when Protected Mode is enabled, every process and file associated with Internet Explorer is assigned a Low integrity level.
By comparison, standard users are granted a Medium integrity level and any object (file, process, etc.) that is not specifically granted a different integrity level is considered Medium by default. WIC will not let an object act on, or interact with an object of a higher integrity level than itself, so malicious processes and files from the Internet that try to infect or compromise the computer system will be rejected. Low can not overwrite or interact with Medium, so Internet Explorer loses.
There are, of course, instances where you want or need a web site to write to or work with your system. When you encounter a site like this, you might be inclined to just disable Protected Mode, even just for a little while. This is not advisable however because it leaves your whole system wide open to attack.
Like previous versions of Internet Explorer, IE7 has Security Zones which you can use to segregate web sites into different levels of trust. If you need certain processes or applets to work on a specific site and they won't work in Protected Mode, rather than turning off Protected Mode you should add the site in question to the Trusted zone, which has Protected Mode disabled by default.
