Did You Guys Hear...
-
...that Vista determines what apps should be run with admin privileges based on the name of the executable? If the name of your exe includes "Install", Vista will require admin rights for it to run. If you simple change the name of the exe to something like "Boffo", it will NOT require admin rights to run. Microsoft claims it was a method for preventing malware to run, but now that the malware authors know about it, I guess it's been reduced to yet another pointless "security" feature. Way to go, MS!
"Why don't you tie a kerosene-soaked rag around your ankles so the ants won't climb up and eat your candy ass..." - Dale Earnhardt, 1997
-----
"...the staggering layers of obscenity in your statement make it a work of art on so many levels." - Jason Jystad, 10/26/2001The alternative would have been for every installer to be modified to include an application manifest with admin privilege levels. Given that this would have been commercial suicide, MS took the safe option - no matter how bodgy it appears. Remember that if an app is deemed as requiring admin permissions and UAC is on you'll get a UAC prompt - the "installer" won't get those permissions automatically. So malware disguised as an installer still needs "some idiot" to press the big red button (which they probably will, but then some people can't be helped...) before it can do it's worst.
Anna :rose: Linting the day away :cool: Anna's Place | Tears and Laughter "If mushy peas are the food of the devil, the stotty cake is the frisbee of God"
-
Steve Thresher wrote:
Spyware programs cannot run without confirmation from the operator
Unless they are named Boffo.exe! :rolleyes:
Simply Elegant Designs JimmyRopes Designs
Think inside the box! ProActive Secure Systems
I'm on-line therefore I am. JimmyRopesIn which case they don't get admin privileges. As simple a thing as attempting to write to the Local Machine hive will result in E_ACCESS_DENIED. :)
Anna :rose: Linting the day away :cool: Anna's Place | Tears and Laughter "If mushy peas are the food of the devil, the stotty cake is the frisbee of God"
-
You should try with a normal user account, not administrator.
________________________________________________ Personal Blog [ITA] - Tech Blog [ENG] - My Photos ScrewTurn Wiki 2.0.4
Trust me here at this place I do not have an administrator account.
God Bless, Jason
Programmer: A biological machine designed to convert caffeine into code.
Developer: A person who develops working systems by writing and using software. [^] -
I hope malware writers don't rename there files to something less suspecious , like say, cute.scr or something becose then it would go right past. Hope they all stay named, oh, virus_installer.exe or something.:wtf:
Yes. The common name of the virus is included at the end. For example, a virus might be named something like INSTALL_VIRUS_W32.KWBOT.F.WORM.EXE That is the prescribed standard.
Nobody can give you wiser advice than yourself. - Cicero
-
Yes. The common name of the virus is included at the end. For example, a virus might be named something like INSTALL_VIRUS_W32.KWBOT.F.WORM.EXE That is the prescribed standard.
Nobody can give you wiser advice than yourself. - Cicero
brahmma wrote:
That is the prescribed standard.
last i heard, the ISO was still debating this. there was a big disagreement over backwards compatibility with 8.3 systems. but, IMO, that needs to be split into a separate standard.
image processing toolkits | batch image processing | blogging
-
John Simmons / outlaw programmer wrote:
If you simple change the name of the exe to something like "Boffo", it will NOT require admin rights to run.
Microsoft: "Boffo" added to the list :cool: Now anything with "boffo" in its name will require admin priveleges!
found at bash.org [kernx]|.|.|.|.|.|.|.| [kernx]sorry, wrong window [beox33]say me why in the f*ck will you type that in any window
-
The alternative would have been for every installer to be modified to include an application manifest with admin privilege levels. Given that this would have been commercial suicide, MS took the safe option - no matter how bodgy it appears. Remember that if an app is deemed as requiring admin permissions and UAC is on you'll get a UAC prompt - the "installer" won't get those permissions automatically. So malware disguised as an installer still needs "some idiot" to press the big red button (which they probably will, but then some people can't be helped...) before it can do it's worst.
Anna :rose: Linting the day away :cool: Anna's Place | Tears and Laughter "If mushy peas are the food of the devil, the stotty cake is the frisbee of God"
Anna-Jayne Metcalfe wrote:
an installer still needs "some idiot" to press the big red button
There is no shortage of those.
"Why don't you tie a kerosene-soaked rag around your ankles so the ants won't climb up and eat your candy ass..." - Dale Earnhardt, 1997
-----
"...the staggering layers of obscenity in your statement make it a work of art on so many levels." - Jason Jystad, 10/26/2001 -
I hope malware writers don't rename there files to something less suspecious , like say, cute.scr or something becose then it would go right past. Hope they all stay named, oh, virus_installer.exe or something.:wtf:
You're an idiot. See Anna-Jayne's replies.
AxisFirst For Business
-
This works in XP too - try making a copy of notepad.exe and call it install.exe. :rolleyes:
I remember seeing this behavior on XP years back. I was too lazy to log out (I'm a local admin) and check as I was having a lot of apps running, and went down to play TT. :->
Cheers, Vikram.
"But nowadays, it means nothing. Features are never frozen, development keeps happening, bugs never get fixed, and documentation is something you might find on wikipedia." - Marc Clifton on betas.
Join the CP group at NationStates. Password:
byalmightybob -
I hope malware writers don't rename there files to something less suspecious , like say, cute.scr or something becose then it would go right past. Hope they all stay named, oh, virus_installer.exe or something.:wtf:
I find it incredible that you've got two 5 votes. It's normal programs called "Setup.exe" or "Install.exe" that require admin privileges, not the other way round. Unless, of course, that was sarcasm.
Cheers, Vikram.
"But nowadays, it means nothing. Features are never frozen, development keeps happening, bugs never get fixed, and documentation is something you might find on wikipedia." - Marc Clifton on betas.
Join the CP group at NationStates. Password:
byalmightybob -
...that Vista determines what apps should be run with admin privileges based on the name of the executable? If the name of your exe includes "Install", Vista will require admin rights for it to run. If you simple change the name of the exe to something like "Boffo", it will NOT require admin rights to run. Microsoft claims it was a method for preventing malware to run, but now that the malware authors know about it, I guess it's been reduced to yet another pointless "security" feature. Way to go, MS!
"Why don't you tie a kerosene-soaked rag around your ankles so the ants won't climb up and eat your candy ass..." - Dale Earnhardt, 1997
-----
"...the staggering layers of obscenity in your statement make it a work of art on so many levels." - Jason Jystad, 10/26/2001This is intended as a compatibility feature. Most legacy installers don't work right if they run under the low-privileged rights of a non-elevated administrator. Therefore there are a number of heuristics to detect installers and force elevation if an installer program is detected. If you run with UAC enabled, you get a UAC prompt before the elevation can occur. (If you're running as a standard user, you will get the over-the-shoulder password prompt instead). If you run with UAC disabled, and you log in as an administrator, or you log in as the
Administratoraccount with UAC enabled, all code is running with administrative rights and privileges anyway. If you're writing code that targets Windows Vista you should include a manifest which declares what your program actually does. This suppresses all the legacy detection, including this, and registry and file system redirection.Stability. What an interesting concept. -- Chris Maunder
-
In which case they don't get admin privileges. As simple a thing as attempting to write to the Local Machine hive will result in E_ACCESS_DENIED. :)
Anna :rose: Linting the day away :cool: Anna's Place | Tears and Laughter "If mushy peas are the food of the devil, the stotty cake is the frisbee of God"
No manifest, so it'll get redirected if it writes to HKLM\Software rather than ERROR_ACCESS_DENIED. If you include a Vista UAC manifest, the installer detection does not occur and the elevation will depend on what you put in your manifest. asInvoker - never prompts highestAvailable - asks administrators to elevate but doesn't do an over-the-shoulder (OTS) prompt for standard users, just runs low-privileged requireAdministrator - prompts administrators to confirm, OTS prompt for standard users Those are the defaults - an administrator can change whether admins see the confirm or OTS prompt, and whether standard users see the OTS prompt or it simply fails to run.
Stability. What an interesting concept. -- Chris Maunder
-
No manifest, so it'll get redirected if it writes to HKLM\Software rather than ERROR_ACCESS_DENIED. If you include a Vista UAC manifest, the installer detection does not occur and the elevation will depend on what you put in your manifest. asInvoker - never prompts highestAvailable - asks administrators to elevate but doesn't do an over-the-shoulder (OTS) prompt for standard users, just runs low-privileged requireAdministrator - prompts administrators to confirm, OTS prompt for standard users Those are the defaults - an administrator can change whether admins see the confirm or OTS prompt, and whether standard users see the OTS prompt or it simply fails to run.
Stability. What an interesting concept. -- Chris Maunder
My mistake. :-O Either way, it won't be able to gain admin access.
Anna :rose: Linting the day away :cool: Anna's Place | Tears and Laughter "If mushy peas are the food of the devil, the stotty cake is the frisbee of God"
-
Anna-Jayne Metcalfe wrote:
an installer still needs "some idiot" to press the big red button
There is no shortage of those.
"Why don't you tie a kerosene-soaked rag around your ankles so the ants won't climb up and eat your candy ass..." - Dale Earnhardt, 1997
-----
"...the staggering layers of obscenity in your statement make it a work of art on so many levels." - Jason Jystad, 10/26/2001On that we're agreed. :doh:
Anna :rose: Linting the day away :cool: Anna's Place | Tears and Laughter "If mushy peas are the food of the devil, the stotty cake is the frisbee of God"
-
...that Vista determines what apps should be run with admin privileges based on the name of the executable? If the name of your exe includes "Install", Vista will require admin rights for it to run. If you simple change the name of the exe to something like "Boffo", it will NOT require admin rights to run. Microsoft claims it was a method for preventing malware to run, but now that the malware authors know about it, I guess it's been reduced to yet another pointless "security" feature. Way to go, MS!
"Why don't you tie a kerosene-soaked rag around your ankles so the ants won't climb up and eat your candy ass..." - Dale Earnhardt, 1997
-----
"...the staggering layers of obscenity in your statement make it a work of art on so many levels." - Jason Jystad, 10/26/2001Hi John. You'll also run into this if the file is called Setup.exe. Plus, after closing the app, Vista will display a message stating that something went wrong with the install if it's not really an installer. I have found a work around. If you embed the following "trust info" into the EXE's manifest file, it will no longer require admin rights. Nor will it report that the installation failed either.
<?xml version='1.0' encoding='utf-8' standalone='yes'?>
<assembly xmlns='urn:schemas-microsoft-com:asm.v1' manifestVersion='1.0'>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly> -
...that Vista determines what apps should be run with admin privileges based on the name of the executable? If the name of your exe includes "Install", Vista will require admin rights for it to run. If you simple change the name of the exe to something like "Boffo", it will NOT require admin rights to run. Microsoft claims it was a method for preventing malware to run, but now that the malware authors know about it, I guess it's been reduced to yet another pointless "security" feature. Way to go, MS!
"Why don't you tie a kerosene-soaked rag around your ankles so the ants won't climb up and eat your candy ass..." - Dale Earnhardt, 1997
-----
"...the staggering layers of obscenity in your statement make it a work of art on so many levels." - Jason Jystad, 10/26/2001Just thought about an exe : "GetDownToDiskAndDestroy.exe". Vista must be saying a "welcome":sigh:
Press: 1500 to 2,200 messages in just 6 days? How's that possible sir? **Dr.Brad :**Well,I just replied to everything Graus did and then argued with Negus for a bit.
-
I find it incredible that you've got two 5 votes. It's normal programs called "Setup.exe" or "Install.exe" that require admin privileges, not the other way round. Unless, of course, that was sarcasm.
Cheers, Vikram.
"But nowadays, it means nothing. Features are never frozen, development keeps happening, bugs never get fixed, and documentation is something you might find on wikipedia." - Marc Clifton on betas.
Join the CP group at NationStates. Password:
byalmightybobVikram A Punathambekar wrote:
Unless, of course, that was sarcasm.
Kind of obvious, I felt.
Nobody can give you wiser advice than yourself. - Cicero
-
brahmma wrote:
That is the prescribed standard.
last i heard, the ISO was still debating this. there was a big disagreement over backwards compatibility with 8.3 systems. but, IMO, that needs to be split into a separate standard.
image processing toolkits | batch image processing | blogging
Chris Losinger wrote:
last i heard, the ISO was still debating this. there was a big disagreement over backwards compatibility with 8.3 systems. but, IMO, that needs to be split into a separate standard.
Whomever you've heard it from, you've heard it right. The debate is still going on. I think that is one hell of a reason for Microsoft to make such a [drumroll] brilliant move. [/drumroll]
Nobody can give you wiser advice than yourself. - Cicero
-
...that Vista determines what apps should be run with admin privileges based on the name of the executable? If the name of your exe includes "Install", Vista will require admin rights for it to run. If you simple change the name of the exe to something like "Boffo", it will NOT require admin rights to run. Microsoft claims it was a method for preventing malware to run, but now that the malware authors know about it, I guess it's been reduced to yet another pointless "security" feature. Way to go, MS!
"Why don't you tie a kerosene-soaked rag around your ankles so the ants won't climb up and eat your candy ass..." - Dale Earnhardt, 1997
-----
"...the staggering layers of obscenity in your statement make it a work of art on so many levels." - Jason Jystad, 10/26/2001Oh you have GOT to be kidding me... That's about as bad as determining which program to run based on the file extension. :rolleyes:
------------ Cheers, Patrick
-
Trust me here at this place I do not have an administrator account.
God Bless, Jason
Programmer: A biological machine designed to convert caffeine into code.
Developer: A person who develops working systems by writing and using software. [^]I bet you do. My user account on my work machine is not the Administrator account nor was it created when the machine was first configured, but the IT guys saw fit to include it in the Admin group and give it Admin privileges (guess they figured it'd be stupid to need to come downstairs everytime I wanted to install an SDK!).
------------ Cheers, Patrick