Thread: can a key logger program steal admin password when you install program from limited user account
View Single Post
  #3 (permalink)  
Old December 20th 10, 01:56 AM posted to microsoft.public.windows.vista.general,microsoft.public.windows.vista.security,microsoft.public.windows.vista
Dave Warren
external usenet poster
  
Posts: 107
Default can a key logger program steal admin password when you install program from limited user account
In message FromTheRafters
was claimed to have wrote:

wrote:
I have admin and limited user account on my PC. I always run in
limited user account, except when installing program and doing other
system maintenance work.

In limited user account, when I install a program, it will pop up a
dialog to ask for admin password.

Suppose that under limited user account, I by mistake downloaded
virus/trojan, can this virus/trojan/key logger steal the admin
password when I try to install a program?

How does it work? If it can install a keylogger, it already has admin
privileges.

Keyloggers can run as a limited user but will only be able to intercept
activity that happens within that user's context and won't see what
happens in other contexts, including UAC elevated applications.

Short answer:

It should not be able to. The elevation prompt is not in your limited
user account, but in the "secure desktop" instead (like your logon
desktop). The system takes a snapshot of your current desktop, darkens
it, and switches to the secure desktop and displays it there - and then
displays the credentials prompt.

Don't forget the number of folks who set UAC to not use a secure
desktop, these people may not even have this level of protection.