Win32: How to post message to a process run by a d

2019-03-01 09:49发布

问题:

We run two application, each of them register the same message using RegisterWindowMessage(): application A as a regular user and application B as administrator in the same user's session on the machine, and those applications would send this message one to another. When A and B were run as a same user everything was fine and we were able to communicate using PostMessage() messaging. Now as application B is run as administrator messages do not come through any more. What can we do about it?

Does this situation mandate us to use other mechanisms (other than messages)?

回答1:

In Windows Vista and later, User Interface Privilege Isolation (UIPI) prevents a lower integrity process from sending window messages to a higher integrity process. In earlier Windows versions, malicious code could attack administrative processes by misusing window messages. By default, UIPI blocks all messages with a value above WM_USER, which includes messages registered via RegisterWindowMessage(). So, in order to allow A to send such messages to B, B must first call ChangeWindowMessageFilter() or ChangeWindowMessageFilterEx() for each blocked message that it wants to receive from lower integrity processes.