Is the secure location to bypass User Interface Privilege Isolation (UIPI) configurable?

Vishnu Gopalakrishnan 126 Reputation points
2021-09-28T03:53:45.44+00:00

We would like to bypass Interface Privilege Isolation (UIPI) for some applications by specifying UIAccess = true in manifest files. Is it possible to add our own folder as a secure location like,

Windows App SDK
Windows App SDK
A set of Microsoft open-source libraries, frameworks, components, and tools to be used in apps to access Windows platform functionality on many versions of Windows. Previously known as Project Reunion.
727 questions
Windows API - Win32
Windows API - Win32
A core set of Windows application programming interfaces (APIs) for desktop and server applications. Previously known as Win32 API.
2,430 questions
Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,767 questions

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Limitless Technology 39,396 Reputation points
    2021-09-28T15:01:36.017+00:00

    Hi there,

    It is not configurable. You can see in the link that Relatively secure locations are limited to the following directories:
    \Program Files\ including subdirectories
    \Windows\system32\
    \Program Files (x86)\ including subdirectories for 64-bit versions of Windows

    So it is limited to only certain directories.

    If the reply is helpful, please Upvote and Accept it as an answer

    0 comments
  2. Vishnu Gopalakrishnan 126 Reputation points
    2021-09-29T12:13:31.833+00:00

    Thank you all for supports.

    Is this a good option - https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/dd834830(v=ws.11)
    i.e Disable User Account Control: Only elevate UIAccess applications that are installed in secure locations and completely rely on the signing mechanism.