We run two applications, each of which registers the same message using RegisterWindowMessage(): application A as a regular user and application B as administrator in the same user's session on the machine, and those applications would send this message to one another. When A and B were run as the same user everything was fine and we were able to communicate using PostMessage() messaging. Now that application B is run as administrator, messages do not come through any more. What can we do about it?
Does this situation mandate us to use other mechanisms (other than messages)?
In Windows Vista and later, User Interface Privilege Isolation (UIPI) prevents a lower integrity process from sending window messages to a higher integrity process. In earlier Windows versions, malicious code could attack administrative processes by misusing window messages. By default, UIPI blocks all messages with a value above WM_USER, which includes messages registered via RegisterWindowMessage(). So, in order to allow A to send such messages to B, B must first call ChangeWindowMessageFilter() or ChangeWindowMessageFilterEx() for each blocked message that it wants to receive from lower integrity processes.
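
The receiver-side call described in the answer, as an added C# P/Invoke example that is not part of the original post. The message name and the helper AllowFromLowerIntegrity are hypothetical, and ChangeWindowMessageFilterEx is assumed to be available (Windows 7 or later).

```csharp
using System;
using System.ComponentModel;
using System.Runtime.InteropServices;

// Added example for the elevated receiver (application B).
static class UipiFilter
{
    const uint MSGFLT_ALLOW = 1; // action value from winuser.h

    [StructLayout(LayoutKind.Sequential)]
    struct CHANGEFILTERSTRUCT
    {
        public uint cbSize;     // must be set to the struct size before the call
        public uint ExtStatus;  // filled in by the call (MSGFLTINFO_* value)
    }

    [DllImport("user32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
    static extern uint RegisterWindowMessage(string lpString);

    [DllImport("user32.dll", SetLastError = true)]
    [return: MarshalAs(UnmanagedType.Bool)]
    static extern bool ChangeWindowMessageFilterEx(
        IntPtr hwnd, uint message, uint action, ref CHANGEFILTERSTRUCT changeInfo);

    // Hypothetical name: A and B must both register this identical string.
    const string MessageName = "Example.AtoB.Notify";

    // Call in B once the receiving window exists.
    // Returns the message id to match in B's window procedure.
    public static uint AllowFromLowerIntegrity(IntPtr hwnd)
    {
        uint msg = RegisterWindowMessage(MessageName);
        if (msg == 0)
            throw new Win32Exception(Marshal.GetLastWin32Error());

        var info = new CHANGEFILTERSTRUCT
        {
            cbSize = (uint)Marshal.SizeOf(typeof(CHANGEFILTERSTRUCT))
        };

        // Opens the UIPI filter for this one message on this one window only;
        // every other message from lower integrity senders stays blocked.
        if (!ChangeWindowMessageFilterEx(hwnd, msg, MSGFLT_ALLOW, ref info))
            throw new Win32Exception(Marshal.GetLastWin32Error());

        // wParam/lParam of this message now arrive from a lower integrity
        // process, so B's handler should validate them as untrusted input.
        return msg;
    }
}
```

ChangeWindowMessageFilterEx scopes the exception to a single window, whereas ChangeWindowMessageFilter changes the filter for the whole process, so the Ex variant keeps the opening in B as narrow as possible.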