How to supress the warning in IE's protected mode

2

I have a BHO which captures webpages as images and I run another process to pngcrush the images thus created. The problem that I face in UAC enabled systems is that every time IE runs, I get a warning for the pngcrushing process that I spawn from the BHO. I read here

Understanding and Working in Protected Mode Internet Explorer archive

Starting Processes from Protected Mode

In general, extensions should operate as low integrity processes whenever possible. This provides the best protection against malicious attacks. However, there are times when an extension may need to access medium or even high integrity objects.

To do this, create a broker process to access higher integrity objects and then launch the broker process with a higher integrity level. By default, Internet Explorer will prompt the user to confirm the medium integrity elevated process, as shown in the following screen shot.

enter image description here

You can silently elevate your broker process to medium integrity level by creating an elevation policy, which is a series of registry keys and values that tell Protected Mode how to handle elevation for a specific broker. Elevation policies must have a globally unique identifier (GUID) associated with them. Use CreateGuid to create a new GUID for your policy. Next, add a key to the following location.

It then proceeds to describe the registry entries requires to silently elevate the help process:

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8e884ace-bee4-11e4-8dfc-aa07a5b093db}

  • AppName: REG_SZ = "Contoso.exe"
  • AppPath: REG_SZ = "C:\%USERPROFILE%\Application Data\Contoso"
  • Policy: REG_DWORD = 0x00000003

When I did the same reg entries manually to see if I go past these warnings, figured out that it was not working. Can someone tell me how to run the process silently from the BHO without any UAC warnings?

Kapil

uac
bho
asked on Stack Overflow Jun 23, 2010 by Kapil • edited Apr 2, 2021 by Ian Boyd

1 Answer

0

In response to @blueraja's comment above, here is the code I use tp spawn the process:

ProcessStartInfo info = new ProcessStartInfo();
info.FileName = binPath + "\\pngnqi.exe";
info.WindowStyle = ProcessWindowStyle.Hidden;
info.WindowStyle = ProcessWindowStyle.Hidden;
info.Arguments = " -e .jpg " + " \"" + filePath + "thumb_" + count + "\" " + " \"" + filePath + "temp\\" + count + "\" ";
Process pngnqi_process = Process.Start(info);
answered on Stack Overflow Jul 16, 2010 by Kapil

User contributions licensed under CC BY-SA 3.0