• We've upgraded our forums. Please post any issues/requests in this thread.

Potential security issue

Joined
May 9, 2013
Messages
8 (0.00/day)
Likes
0
System Name MSI GX660
Processor i7 840QM
Video Card(s) AMD 7970m 2GB DDR5
Software Windows 7 x64
#1
Since the tool runs elevated with admin rights, clicking on the Validation tab links may lead to security issues because the opening browser will inherit and go on the net with the same privileges (disabling also Protected mode for example with IE...). The same happens when new versions are found and you're asked to update through a web link...

Please make sure the links are launched with current user privileges, not with the same inherited by GPU-z.
 

Aquinus

Resident Wat-man
Joined
Jan 28, 2012
Messages
10,398 (4.85/day)
Likes
5,477
Location
Concord, NH
System Name Kratos
Processor Intel Core i7 3930k @ 4.2Ghz
Motherboard ASUS P9X79 Deluxe
Cooling Zalman CPNS9900MAX 130mm
Memory G.Skill DDR3-2133, 16gb (4x4gb) @ 9-11-10-28-108-1T 1.65v
Video Card(s) MSI AMD Radeon R9 390 GAMING 8GB @ PCI-E 3.0
Storage 2x120Gb SATA3 Corsair Force GT Raid-0, 4x1Tb RAID-5, 1x500GB
Display(s) 1x LG 27UD69P (4k), 2x Dell S2340M (1080p)
Case Antec 1200
Audio Device(s) Onboard Realtek® ALC898 8-Channel High Definition Audio
Power Supply Seasonic 1000-watt 80 PLUS Platinum
Mouse Logitech G602
Keyboard Rosewill RK-9100
Software Ubuntu 17.10
Benchmark Scores Benchmarks aren't everything.
#2
Since the tool runs elevated with admin rights, clicking on the Validation tab links may lead to security issues because the opening browser will inherit and go on the net with the same privileges (disabling also Protected mode for example with IE...). The same happens when new versions are found and you're asked to update through a web link...

Please make sure the links are launched with current user privileges, not with the same inherited by GPU-z.
I don't think you can do that. An application runs as only one users and when the application launches another one it will always be as the current user. I don't see many easy ways to get around this. It is only a security hole if you use that browser after it opens for other things, but I don't think what you asking is easily achievable.

I'm sure W1zz will comment on the matter.
 
Joined
May 9, 2013
Messages
8 (0.00/day)
Likes
0
System Name MSI GX660
Processor i7 840QM
Video Card(s) AMD 7970m 2GB DDR5
Software Windows 7 x64
#3
No.
You can test this yourself:
0. enable UAC if you don't have it enabled, and enable Protected mode in IE 9/10.
1. close all IE9/10 windows.
3. run GPU-z and go to the tab Validation
4. click on the link in blue 'here'. It will open a new IE instance and go to that URL.
5. on an empty page area right-click and choose "Properties":
Area: Protected mode disabled

It's a potential issue as no-one will notice you're running the web "unprotected" after visiting that link (and the web page may be hacked or something else...). I'm sure there's a way to force current user privileges for a launched application, not inherited by parent task, at least I hope so...

http://stackoverflow.com/questions/...-current-user-privilege-from-an-admin-process
 
Last edited:

Aquinus

Resident Wat-man
Joined
Jan 28, 2012
Messages
10,398 (4.85/day)
Likes
5,477
Location
Concord, NH
System Name Kratos
Processor Intel Core i7 3930k @ 4.2Ghz
Motherboard ASUS P9X79 Deluxe
Cooling Zalman CPNS9900MAX 130mm
Memory G.Skill DDR3-2133, 16gb (4x4gb) @ 9-11-10-28-108-1T 1.65v
Video Card(s) MSI AMD Radeon R9 390 GAMING 8GB @ PCI-E 3.0
Storage 2x120Gb SATA3 Corsair Force GT Raid-0, 4x1Tb RAID-5, 1x500GB
Display(s) 1x LG 27UD69P (4k), 2x Dell S2340M (1080p)
Case Antec 1200
Audio Device(s) Onboard Realtek® ALC898 8-Channel High Definition Audio
Power Supply Seasonic 1000-watt 80 PLUS Platinum
Mouse Logitech G602
Keyboard Rosewill RK-9100
Software Ubuntu 17.10
Benchmark Scores Benchmarks aren't everything.
#4
No.
You can test this yourself:
0. enable UAC if you don't have it enabled, and enable Protected mode in IE 9/10.
1. close all IE9/10 windows.
3. run GPU-z and go to the tab Validation
4. click on the link in blue 'here'. It will open a new IE instance and go to that URL.
5. on an empty page area right-click and choose "Properties":
Area: Protected mode disabled

It's a potential issue as no-one will notice you're running the web "unprotected" after visiting that link (and the web page may be hacked or something else...). I'm sure there's a way to force current user privileges for a launched application, not inherited by parent task.
You clearly didn't read my post.

First of all, what you're asking very well might not be possible.

What's you're describe also (protected mode disabled under UAC admin,) is the default behavior for IE under the admin account. You can't change the settings because this is hard coded into IE. If IE starts was elevated privileges protected mode will be disabled and there is no way to enable it with elevated permissions since nothing is restricting it.

So if you can't start IE as another user and this is default behavior for MSIE, this isn't correctable so you can complain about how bad it is as much as you want, but you're complaining to the wrong people because this is all Microsoft and Windows that is doing that and GPU-Z only shows it because it is required to be run with elevated permissions.

My advice would be: If this really bothers you, then don't use IE, but no one here will be able to fix that for you since it's expected behavior of Windows (not even GPU-Z.)

Your link looks neat, but W1zz still has to implement it which may or may not work. It's a work around for the shortcomings of IE though and I'm not sure if it's worth the time versus just informing people. He'll make that call though, not me.
 
Joined
May 9, 2013
Messages
8 (0.00/day)
Likes
0
System Name MSI GX660
Processor i7 840QM
Video Card(s) AMD 7970m 2GB DDR5
Software Windows 7 x64
#5
You clearly didn't read my post.

First of all, what you're asking very well might not be possible.

What's you're describe also (protected mode disabled under UAC admin,) is the default behavior for IE under the admin account. You can't change the settings because this is hard coded into IE. If IE starts was elevated privileges protected mode will be disabled and there is no way to enable it with elevated permissions since nothing is restricting it.

So if you can't start IE as another user and this is default behavior for MSIE, this isn't correctable so you can complain about how bad it is as much as you want, but you're complaining to the wrong people because this is all Microsoft and Windows that is doing that and GPU-Z only shows it because it is required to be run with elevated permissions.

My advice would be: If this really bothers you, then don't use IE, but no one here will be able to fix that for you since it's expected behavior of Windows (not even GPU-Z.)

Your link looks neat, but W1zz still has to implement it which may or may not work. It's a work around for the shortcomings of IE though and I'm not sure if it's worth the time versus just informing people. He'll make that call though, not me.
What about a launcher task that runs with current-user privileges to start the GPU-z elevated child process, AND handle external links?
 
Last edited:

RCoon

Gaming Moderator
Staff member
Joined
Apr 19, 2012
Messages
11,365 (5.51/day)
Likes
9,492
Location
Gypsyland, UK
System Name HP Omen 17
Processor i7 7700HQ
Memory 16GB 2400Mhz DDR4
Video Card(s) GTX 1060
Storage Samsung SM961 256GB + HGST 1TB
Display(s) 1080p IPS G-SYNC 75Hz
Audio Device(s) Bang & Olufsen
Power Supply 230W
Mouse Roccat Kone XTD+
Software Win 10 Pro
#6
People use IE other than for downloading a new browser?
Dont use IE?
 
Joined
May 9, 2013
Messages
8 (0.00/day)
Likes
0
System Name MSI GX660
Processor i7 840QM
Video Card(s) AMD 7970m 2GB DDR5
Software Windows 7 x64
#7
People use IE other than for downloading a new browser?
Dont use IE?
Please let's not start another boring flame VS IE... FFox for example does not even have a sandbox like IE and Chrome and has many cirtical vulnerabilities (as for all browsers): http://www.mozilla.org/security/known-vulnerabilities/firefox.html

I don't think it's a IE-only issue: all tasks and browsers launched within GPU-z will inherit its privileges resulting in a security potential risk on the web...
Other interesting links:
http://www.codeproject.com/Articles/90713/Run-an-application-under-current-logon-user-s-priv
http://support.microsoft.com/kb/2278183
http://msdn.microsoft.com/en-us/library/windows/desktop/ms682429(v=vs.85).aspx
http://msdn.microsoft.com/en-us/library/bb625960.aspx
 
Last edited:

W1zzard

Administrator
Staff member
Joined
May 14, 2004
Messages
17,042 (3.44/day)
Likes
17,900
Processor Core i7-4790K
Memory 16 GB
Video Card(s) GTX 1080
Display(s) 30" 2560x1600 + 19" 1280x1024
Software Windows 7
#8
I'm sure there's a way to force current user privileges for a launched application, not inherited by parent task
couldn't find one.

the most promising solution seems to add a task to task scheduler that runs a program as currently logged in user, now. clearly not a solution
 

Easy Rhino

Linux Advocate
Joined
Nov 13, 2006
Messages
14,405 (3.56/day)
Likes
4,256
System Name VHOST01 | Desktop
Processor i7 980x | i5 7500 Kaby Lake
Motherboard Gigabyte x58 Extreme | AsRock MicroATX Z170M Exteme4
Cooling Prolimatech Megahelams | Stock
Memory 6x4 GB @ 1333 | 2x 8G Gskill Aegis DDR4 2400
Video Card(s) Nvidia GT 210 | Nvidia GTX 970 FTW+
Storage 4x2 TB Enterprise RAID5 |Corsair mForce nvme 250G
Display(s) N/A | Dell 27" 1440p 8bit GSYNC
Case Lian Li ATX Mid Tower | Corsair Carbide 400C
Audio Device(s) NA | On Board
Power Supply SeaSonic 500W Gold | Seasonic SSR-650GD Flagship Prime Series 650W Gold
Mouse N/A | Logitech G900 Chaos Spectrum
Keyboard N/A | Posiden Z RGB Cherry MX Brown
Software Centos 7 | Windows 10
#9
What about a launcher task that runs with current-user privileges to start the GPU-z elevated child process, AND handle external links?
good lord. this is a browser/OS security problem. w1z can't be asked to fix something that is Microsoft's problem. i would argue the best course of action is to use an alternative browser and make people aware of the inherent flaws in IE/Windows security design.
 

Mindweaver

Moderato®™
Staff member
Joined
Apr 16, 2009
Messages
6,572 (2.08/day)
Likes
3,906
Location
Charleston, SC
System Name Sechs / EyeSeven
Processor i7 5820k @ 4.5ghz / i7 2600k @ 4.0Ghz
Motherboard X99S GAMING 7 / ASRock Z68 Extreme3 Gen3
Cooling CORSAIR Hydro Series H100i Extreme / Stock cooler... H50 leaked!..
Memory G.Skill DDR4 2800 16GB 4x4GB / G.Skill DDR3 1600 8gb 2x4GB
Video Card(s) PNY Quadro K2000 / MSI GTX 970 GAMING 4Gb
Storage Samsung 850 PRO 256GB SSD /Intel 240gb, corsair 120gb SSD, 3x 1 tb s storage
Display(s) 2x Acer G276HL 27" 1080p / 3x Acer 22" Nvidia surround
Case Phanteks “Enthoo Pro series”/ Cooler Master Storm Scout
Audio Device(s) Azalia Realtek ALC1150 / SB X-Fi Gamer
Power Supply Corsair CXM CX600M / Corsair 600w
Mouse Razer DeathAdder Chroma / Razer DeathAdder
Keyboard Razer BlackWidow Ultimate /
Software Windows 10 Pro x64 / Windows 10 Pro x64
#10
If you are worried about your browsing habits after you have updated, then why not close the browser and re-open? Why click the link to open your browser to obtain the new update if you are worried? I would just become a active member at TPU and grab the new GPU-Z when btarunr posts it in the news section... Err wait I already do that.. ;) Honestly you're worried about your browsing habits after GPU-Z launches your browser for the new update.. I don't see that as being a GPU-Z flaw. ;)
 
Joined
May 9, 2013
Messages
8 (0.00/day)
Likes
0
System Name MSI GX660
Processor i7 840QM
Video Card(s) AMD 7970m 2GB DDR5
Software Windows 7 x64
#11
couldn't find one.

the most promising solution seems to add a task to task scheduler that runs a program as currently logged in user, now. clearly not a solution
Yes, it's something MS should add to the OS. The "potential problem" is obviously not limited to GPU-z only but to all programs with admin rights able to open a link. There should be an easy way to launch a task with a lower privilege level with Windows, and MS should provide a documented solution.

i would argue the best course of action is to use an alternative browser and make people aware of the inherent flaws in IE/Windows security design.
Happens the same with FFox and other browsers since they'll run with Admin privileges. It's not a IE specific flaw.

If you are worried about your browsing habits after you have updated, then why not close the browser and re-open? Why click the link to open your browser to obtain the new update if you are worried? I would just become a active member at TPU and grab the new GPU-Z when btarunr posts it in the news section... Err wait I already do that.. ;) Honestly you're worried about your browsing habits after GPU-Z launches your browser for the new update.. I don't see that as being a GPU-Z flaw. ;)
Of course I know how to avoid that with a workaround solution :laugh: but many users won't notice this and will be exposed to more potential security risks once their browser will have the highest privileges.

Thank you for your replies...