none
Automate the UAC elevation prompt on Windows 8 and Window 10?

    Question

  • Short version: How can I automate the UAC elevation prompt dialog window on Windows 8 and Window 10?

    Long version:

    I am attempting to write functional tests for a Win32 application, using the UI Automation API.

    Presumably it is best practice to assume my users will have User Account Control (UAC) enabled, so I am attempting to automate responses to the UAC elevation prompt dialog which the installer for my app triggers.

    On Windows 7 this automation of the UAC dialog is possible after enabling UIAccess on the test runner process so that it bypasses UIPI privilege checks, signing the test runner exe, and configuring UAC to display the dialog on the interactive desktop (rather than the secure desktop). More details here: https://social.msdn.microsoft.com/Forums/windowsdesktop/en-US/674b4951-1c6e-400a-838e-dc72c672a12c/uac-automation-success?forum=windowssecurity

    However, with the exact same test runner EXE and UAC configuration on both Windows 8 and Windows 10, the UAC prompt window is NOT visible to UI Automation.

    I have tried many things including the following:

        § Installing the test runner process into the system32 dir (despite configring UAC to not requires this);
        § Running the test runner process elevated and enabling the SeDebugPrivilege privilege in the process.

    Running the latest version of inspect.exe (elevated) exhibits the same problem: the UAC prompt window is NOT enumerated on Win8/10 (whereas on Win7 it is).

    It may or may not be relevant that while Remote Assistance (msra.exe) is able to automate the UAC prompt window, in early versions of Windows 10 this was broken and took a patch to fix it. So what changed in Windows 10 security that meant that a patch was required? Anything to do with AppContainers? Not sure about Windows 8 here.

    The UAC elevation prompt window runs at the highest integrity level: System Integrity level. This is true on Win7/8/10.

    So my suspicion is that Windows UIPI security was tightened with Windows 8 to prevent access to System Integrity Level processes that were allowed access in Windows 7. Perhaps the criteria is whether or not the process is signed by the Windows codesign cert, as with the autoElevate feature.

    As it stands, I am unable to automate the test of my app on Windows 8+ so would be grateful for any information that can help with this.

    Thanks for any help

                                                           

    Sunday, May 13, 2018 5:28 PM