can a key logger program steal admin password when you install program from limited user account
In message FromTheRafters
was claimed to have wrote:
wrote:
I have admin and limited user account on my PC. I always run in
limited user account, except when installing program and doing other
system maintenance work.
In limited user account, when I install a program, it will pop up a
dialog to ask for admin password.
Suppose that under limited user account, I by mistake downloaded
virus/trojan, can this virus/trojan/key logger steal the admin
password when I try to install a program?
How does it work? If it can install a keylogger, it already has admin
privileges.
Keyloggers can run as a limited user but will only be able to intercept
activity that happens within that user's context and won't see what
happens in other contexts, including UAC elevated applications.
Short answer:
It should not be able to. The elevation prompt is not in your limited
user account, but in the "secure desktop" instead (like your logon
desktop). The system takes a snapshot of your current desktop, darkens
it, and switches to the secure desktop and displays it there - and then
displays the credentials prompt.
Don't forget the number of folks who set UAC to not use a secure
desktop, these people may not even have this level of protection.
|