User Interface Privilege Isolation
- User Interface Privilege Isolation
User Interface Privilege Isolation (UIPI) is a technology introduced in Windows Vista and Windows Server 2008 to combat code injection exploits. By leveraging Mandatory Integrity Control, it prevents processes with a lower "integrity level" (IL) from sending messages to higher IL processes (except for a very specific set of UI messages).[cite web]
url=http://msdn2.microsoft.com/en-us/library/aa905330.aspx
title=The Windows Vista and Windows Server 2008 Developer Story: Windows Vista Application Development Requirements for User Account Control (UAC)
publisher=Microsoft
date=April 2007
accessdate=2007-12-07] Window messages are designed to communicate user action to processes; however they can be used maliciously to trigger flaws in the receiving process to run arbitrary code in its context. If a low IL process can run code in the context of a higher IL process, it accomplishes an unauthorized privilege escalation resulting in a Shatter attack. By restricting access to some vectors for triggering flaws, UIPI can help to reduce and prevent some types of shatter attacks.[cite web]
url=http://www.coseinc.com/Vista_UIPI.ppt.pdf
title=Windows Vista UIPI
author=Edgar Barbosa
publisher=COSEINC
accessdate=2007-12-07] UIPI is not a security boundary, and does not aim to protect against all shatter attacks. UI Accessibility Applications can bypass UIPI by setting their "uiAccess" value to TRUE as part of their manifest file. This requires the application to be in the Program Files or Windows directory, as well as to be signed by a valid code signing authority, but these requirements will not necessarily stop malware from respecting them. Additionally, some messages are still allowed through, such as WM_KEYDOWN, which allows a lower IL process to drive input to an elevated command prompt. Finally, the function ChangeWindowMessageFilter allows a medium IL process (all non-elevated processes except Internet Explorer Protected Mode) to change the messages that a high IL process can receive from a lower IL process. This effectively allows bypassing UIPI, unless running from Internet Explorer or one of its child processes.
References
Wikimedia Foundation.
2010.
Look at other dictionaries:
User Interface Privilege Isolation — (UIPI Isolation des privilèges de l IHM) est une technique de sécurité utilisée par Windows Vista et Windows Server 2008 pour se protéger contre les exploits d injection de code. UIPI évite qu un processus ayant un bas niveau de sécurité… … Wikipédia en Français
User Account Control — (UAC) is a technology and security infrastructure introduced with Microsoft s Windows Vista operating system. It aims to improve the security of Microsoft Windows by limiting application software to standard user privileges until an administrator … Wikipedia
Graphics Device Interface — The Graphics Device Interface (GDI) is a Microsoft Windows application programming interface and core operating system component responsible for representing graphical objects and transmitting them to output devices such as monitors and printers … Wikipedia
Roaming user profile — C:Documents and Settings{username} Application Data … Wikipedia
UIPI — User Interface Privilege Isolation User Interface Privilege Isolation (UIPI Isolation des privilèges de l IHM) est une technique de sécurité utilisée par Windows Vista et Windows Server 2008 pour se protéger contre les exploits d injection de… … Wikipédia en Français
Architecture of Windows NT — The Windows NT operating system family s architecture consists of two layers (user mode and kernel mode), with many different modules within both of these layers. The architecture of Windows NT, a line of operating systems produced and sold by… … Wikipedia
Shatter attack — In computing, a shatter attack is a programming technique employed by hackers on Microsoft Windows operating systems that can be used to bypass security restrictions between processes in a session. A shatter attack takes advantage of a design… … Wikipedia
Mandatory Integrity Control — In the context of the Microsoft Windows range of operating systems, Mandatory Integrity Control (MIC) or Integrity Levels (or Protected Mode in the context of applications like Internet Explorer, Google Chrome and Adobe Reader)[1] is a core… … Wikipedia
Microsoft Windows — Windows redirects here. For the part of a building, see Window. For other uses, see Windows (disambiguation). Microsoft Windows … Wikipedia
Windows Installer — This article is about the Microsoft Windows component. For the installation of the operating system itself, see Windows Setup. Windows Installer Default window (after running msiexec.exe) Original author(s) Microsoft … Wikipedia
