Allow service to interact with desktop

windows windows-server-2008 security windows-7 windows-service
11,148

Solution 1

Microsoft introduced session 0 isolation in 2008/Vista. With session zero isolation, all Windows services now run in session 0, and all human sessions run in session 1 and above.

So, it is strongly discouraged to design a Windows service that requires interaction with the desktop. It is still technically possible to design a service that interacts with the desktop, but it is strongly discouraged. It's the wrong thing to do.

When a Windows service has to interact with the desktop, the interactively logged on human's desktop will get switched to looking at session 0's desktop so that the dialog box or whatever it is that needs attention, gets attention.

Now we have a very highly-privileged account, usually Local System, displaying a dialog box to a standard user. That dialog box is running in the context of Local System. You are giving that standard user an opportunity to exploit something in that dialog box and cause it to do something in the security context of Local System. So that's where the danger is.

Solution 2

The main point here are Windows' message forwarding mechanisms which allow any process to send any message to any window within its own session. This obviously presents a security risk if one of the windows belongs to a process with elevated rights. This class of attacks has been dubbed "shatter attacks" and has been discussed in depth throughout the security scene a couple of years ago.

As the root cause is impossible to fix - most, if not all software written for Windows relies on this feature - it has been decided that the only way to deal with this issue is segmentation - everything which runs in a single user session has to be run in a single security context. Service design guidelines have been reflecting this since the late 90'ies and were discouraging GUI code running in the service's context. It has been made imperative with Windows Vista, where you simply can't let a service to interact with a user's desktop any more.

Of course, this is also valid for Windows 7 and by checking "Allow service to interact with Desktop" you are allowing the service to interact with a virtual desktop which is not seen by the user. If it fixes your service - fine, let it be. But make sure that you do not have any Windows XP machines out there as this indeed would pose the aforementioned security risk.

Share:
11,148

Related videos on Youtube

Param
Author by

Param

Updated on September 18, 2022

Comments

  • Param
    Param over 1 year

    DC OS - Windows Server 2008 R2 Std

    Client OS - Windows XP, Windows 7

    I have implemented Security policy through Network Policy Server and enabled Wired AutoConfig Services Automatically. While Enabling Wired AutoConfig Services, if i check mark on ' Allow service to interact with Desktop ' It works proper in some of Window7 Laptop.

    But on internet it is giving me Warning that "Interactive services can display a user interface and receive user input. If you allow the service to interact with the desktop, any information that the service displays on the desktop will also be displayed on an interactive user's desktop. A malicious user could then take control of the service or attack it from the interactive desktop."

    Can you give me some example how Malicious User can take control of the service or attack it from the interactive desktop?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How to turn off all secure protection of Windows 7?
Windows 7 keep computer from idling
How to show volume shadow copy service tab?
How can I find the source of Windows 7 Domain Users sending bad password attempts to 2008r2 server?
Block access to a website via http, but not https, via etc/hosts?
Are the losses of resetting a Windows password reversible?
Windows-7 system files integrity
How to unlock Windows 7 screen using script
Any folder copied to my Flash/memory card becomes a shortcut?
How to quickly Enable/Disable Internet Traffic so that it ONLY goes to ONE program?