ReHIPS forum

English Subforum => Developers' Blog => Topic started by: fixer on June 10, 2017, 12:47:08 PM

Title: [Bug] Broken CreateProcessWithTokenW API in Windows 2008
Post by: fixer on June 10, 2017, 12:47:08 PM
Calling CreateProcessWithTokenW API from service will fail. This call goes to a Windows service that tries to get Logon SID from the token of the thread calling API. But if this API was called from service, it'll have system token without any Logon SID. So it'll result in access denied error.

So don't use CreateProcessWithTokenW API in Windows 2008 from service or update Windows.

This issue was found several years ago, it wasn't fixed then. I haven't checked it since.