View Single Post
  #2 (permalink)  
Old December 19th 10, 12:25 AM posted to microsoft.public.windows.vista.general,microsoft.public.windows.vista.security,microsoft.public.windows.vista
FromTheRafters[_2_]
external usenet poster
 
Posts: 221
Default can a key logger program steal admin password when you installprogram from limited user account

wrote:
I have admin and limited user account on my PC. I always run in
limited user account, except when installing program and doing other
system maintenance work.

In limited user account, when I install a program, it will pop up a
dialog to ask for admin password.

Suppose that under limited user account, I by mistake downloaded
virus/trojan, can this virus/trojan/key logger steal the admin
password when I try to install a program?


How does it work? If it can install a keylogger, it already has admin
privileges.

Short answer:

It should not be able to. The elevation prompt is not in your limited
user account, but in the "secure desktop" instead (like your logon
desktop). The system takes a snapshot of your current desktop, darkens
it, and switches to the secure desktop and displays it there - and then
displays the credentials prompt.

However, it might be possible for a compromised limited account to fake
a secure desktop (darkened desktop) with a fake credentials prompt for you.

I know that I'll be safe if I switch to admin account to do the
installation.


If you have a keylogger "installed", how can you assume this?

And yes, there is a possibility that the virus will change the program
I want to install. Let's ignore this possibility for now.


You are only concerned about what can see the admin password?

When you get to the "logon" screen and enter your admin password there,
it is the same thing as the secure desktop offered up in your limited
user account - if your keylogger can do one, it can do the other.

I am running Win7.


I assumed Vista (the group names all say vista) - and I also assume Win
7 is quite similar in this respect.