Vista - Something you should reflect regarding finishing setup programs

01-19-2008

Hey all,

just installed the latest version of Winamp (the old ones have a serious bug
in streaming that will allow to attack the machine - go for the latest
version or remove).
So also installed it on my sons machine (Vista). He is certainly not
Administrator and UAC is certainly active. Started setup, get the credUI as
expected, entered admin credentials, setup works fine.
But now there is this last page with a checked checkbox "Run Winamp now on
Exit" (yes - AOL WANTS you to run this program...).
OK - here is where the problem starts. What security context will actually
lauch Winamp when i click the "Finish" button?? Think once, think twice....
AAAAHHHH the security of the admin that executed the setup, as all processes
spawned from this security context will inherit it's security context -
which is a fully elevated real administrator security context.
If you leave this option checked then you will hand over a admin context to
a non admin user and he/she/it/mixed will be able to do whatever the program
will allow him to do - ACCCESS ALL AREAS.
So what can we do about this?
- Take away the check certainly - it's easy, it works, you forget it sooner
or later (or if you have not read this you will not even know it)
- Give those people that create setup programs feedback that in the days of
UAC such an option is not what we want
- @MS: if you detect a setup program and automatically ask the user to run
int elevated check after the setup finished that there are no more processes
active that have been spawned from the setup process or one of it's child
processes. In case that such a process is still running a) kill it silently,
b) tell the user c) write a log to the security event log d) let Steve
Ballmer talk to the company who created the setup ;-) (option d can be
combined with a) to c)

Certainly all "First run..." activities will also be executed in the admin
context. And I think even the authors of the setup do not want to
personlaize the administrators account but the real user account.

Hope this post will help you to have a more secure Windows experience.

Hansjörg

**GSi-R** · 01-19-2008

Thanks for that. After reading above, i opened my WINAMP to be greeted with a security update, which i have downloaded. I now have WINAMP 5.52

Thanks again

01-19-2008	#1 (permalink)
Hansjörg n/a posts	Something you should reflect regarding finishing setup programs Hey all, just installed the latest version of Winamp (the old ones have a serious bug in streaming that will allow to attack the machine - go for the latest version or remove). So also installed it on my sons machine (Vista). He is certainly not Administrator and UAC is certainly active. Started setup, get the credUI as expected, entered admin credentials, setup works fine. But now there is this last page with a checked checkbox "Run Winamp now on Exit" (yes - AOL WANTS you to run this program...). OK - here is where the problem starts. What security context will actually lauch Winamp when i click the "Finish" button?? Think once, think twice.... AAAAHHHH the security of the admin that executed the setup, as all processes spawned from this security context will inherit it's security context - which is a fully elevated real administrator security context. If you leave this option checked then you will hand over a admin context to a non admin user and he/she/it/mixed will be able to do whatever the program will allow him to do - ACCCESS ALL AREAS. So what can we do about this? - Take away the check certainly - it's easy, it works, you forget it sooner or later (or if you have not read this you will not even know it) - Give those people that create setup programs feedback that in the days of UAC such an option is not what we want - @MS: if you detect a setup program and automatically ask the user to run int elevated check after the setup finished that there are no more processes active that have been spawned from the setup process or one of it's child processes. In case that such a process is still running a) kill it silently, b) tell the user c) write a log to the security event log d) let Steve Ballmer talk to the company who created the setup ;-) (option d can be combined with a) to c) Certainly all "First run..." activities will also be executed in the admin context. And I think even the authors of the setup do not want to personlaize the administrators account but the real user account. Hope this post will help you to have a more secure Windows experience. Hansjörg
My System Specs

01-19-2008	#2 (permalink)
GSi-R Vista Business 32bit 69 posts	Re: Something you should reflect regarding finishing setup programs Thanks for that. After reading above, i opened my WINAMP to be greeted with a security update, which i have downloaded. I now have WINAMP 5.52 Thanks again
My System Specs

Similar Threads
Thread	Forum
Macrium reflect free - new version	Software
Changing Active Title Bar color does not reflect	General Discussion
How reflect the changes in array to bound grid	.NET General
running programs launches office setup	Vista security
UAC, Shield Icons, and setup programs	Vista security