1

We run two application, each of them register the same message using RegisterWindowMessage(): application A as a regular user and application B as administrator in the same user's session on the machine, and those applications would send this message one to another. When A and B were run as a same user everything was fine and we were able to communicate using PostMessage() messaging. Now as application B is run as administrator messages do not come through any more. What can we do about it?

Does this situation mandate us to use other mechanisms (other than messages)?

Artem
  • 7,275
  • 15
  • 57
  • 97

1 Answers1

12

In Windows Vista and later, User Interface Privilege Isolation (UIPI) prevents a lower integrity process from sending window messages to a higher integrity process. In earlier Windows versions, malicious code could attack administrative processes by misusing window messages. By default, UIPI blocks all messages with a value above WM_USER, which includes messages registered via RegisterWindowMessage(). So, in order to allow A to send such messages to B, B must first call ChangeWindowMessageFilter() or ChangeWindowMessageFilterEx() for each blocked message that it wants to receive from lower integrity processes.

Remy Lebeau
  • 555,201
  • 31
  • 458
  • 770