Is this a security bug in Windows 8.1?

    Question

  • I think I have discovered a serious security bug in Windows 8.1.

    Today I was using my (non-Admin) user account and with Internet Explorer I saved a file in the default Downloads folder (under This PC). The file was saved, but when I went to that folder, the file was not there! Now, I was about to download it again, using IE, same as before, when I noticed in the Save dialog box that the file had indeed been downloaded, and that it was there, in the Downloads folder under This PC. Frustrated, I went to that very folder, but the file was nowhere to be found. I was really puzzled.

    Then, by chance, while logged in to another account (namely the Admin account), I happened to go to the Downloads folder, and there was the file that I had downloaded using the other account.

    Obviously, what I described above represents a security problem: firstly because my private files may get saved by mistake into another person's account without me even realizing it, and secondly because I was able to access another person's account (i.e. the Admin account) via IE's Save dialog box, seeing the list of the files there, and possibly even accessing them (I have not tried the latter, though).

    Has anyone experienced anything like the situation I described?

    I must also say that I later tried to replicate this abnormal behavior, but for some unknown reason I couldn't. Anyway, I am sure that what I described above is an accurate account of how things went.




    • Edited by GEOR56 Saturday, November 16, 2013 4:52 PM
    Saturday, November 16, 2013 4:24 PM

All replies

  • Did you run Internet Explorer as administrator?

    By right click and run as administrator?

    This will happen, if you open an application as administrator in another account (e.g. standard user).

    Sunday, November 17, 2013 3:16 AM
  • >Did you run Internet Explorer as administrator?

    >By right click and run as administrator?

    >This will happen, if you open an application as administrator in another account (e.g. standard user).

    I certainly don't remember doing so. And I can't even think of a reason why I might have done so when opening Internet Explorer.

    At most, during that session, I may have entered the Admin password, when asked. But running Internet Explorer "as administrator" seems very unlikely.

    Sunday, November 17, 2013 11:23 AM
  • Hi,

    Since I cannot repro your issue on my own computer, it cannot be a bug.

    I suggest we try to use another user account to see if the same issue happens.

    Please make sure the location of your Downloads folder is right:

    1. Right-click the Downloads folder, and choose Properties.
    2. Make sure the location is right under your user profile.
    3. If not, please click Location and click Restore default.

    If we still fail to solve your issue, please run Process Monitor at the end of the downloading process to capture the actions, and upload the saved log here for further research.

    You can also check if there are any weird actions at the end of the downloading process.

    Process Monitor v3.05

    http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx

    For how to use it, please refer to this article:

    Using Process Monitor to capture system events

    http://www.sophos.com/en-us/support/knowledgebase/119038.aspx

    Keep us posted.


    Kate Li
    TechNet Community Support

    Monday, November 18, 2013 11:25 AM
  • What, you have concluded that it is not a bug only because you were not able to reproduce it?!?

    As I said, when I tried to reproduce it myself, I couldn't. I don't know why. But the problem did take place as described. That's all I know.

    Tuesday, November 19, 2013 8:30 PM
  • Try running as a standard user, right-click on Internet Explorer and run it as administrator; it will ask for your administrator password, and if you enter it correctly, it will run as administrator and the exact same thing will happen.

    This is NOT a bug, because it is normal behavior that when you run as another user (administrator), it has access to the administrator's folder. You couldn't do that if you don't know the administrator password.

    Wednesday, November 20, 2013 3:46 PM
  • I have finally nailed down the origin of the problem that I described in my first post.

    It all comes down to the way Internet Explorer was started. I did not use the "run as an Administrator" option, but I discovered that there is another way through which this Administration option is automatically triggered: if you launch Internet Explorer (or any other program) through a file manager that does have Administrator privileges. And that's exactly what happened to me.

    I routinely run my file manager (Double Commander or Altap Salamander) in "Admin mode" because I need the administration privileges for some of the maintenance operations. Now, when Internet Explorer is launched via the file manager (perhaps even just by clicking on an HTML file and opening it), IE will run in Admin mode, with the confusing consequences described in the original post, and the potential breach of security.

    I did find the explanation, and now I know how to deal with the matter. But let me comment that I am not satisfied at all with the way things are handled by Windows. This Admin-privileges-BY-PROXY behaviour is one of the many subtle things that compromise the security of the operating system. Even knowing that it is so by design and it is not a bug does not change my opinion of it. Very disappointing.

     

    • Marked as answer by GEOR56 Friday, January 17, 2014 1:47 PM
    Friday, January 17, 2014 1:45 PM
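
The cause identified in the last post (a program started from an elevated parent runs with that parent's token, and so sees that account's profile) can be checked from inside the process itself. The following PowerShell is an added example, not code from any poster in the thread; the function names are hypothetical, and it assumes the prompt is started the same way as the program being investigated (for example, from the elevated file manager).

```powershell
# Added example: report the identity, elevation state, parent process and
# Downloads location that THIS process sees. Read-only; changes nothing.

function Get-ProcessOwnerName {
    param([Parameter(Mandatory)] $CimProcess)
    $o = Invoke-CimMethod -InputObject $CimProcess -MethodName GetOwner
    if ($o.ReturnValue -eq 0) { '{0}\{1}' -f $o.Domain, $o.User } else { $null }
}

function Get-ElevationContext {
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    $isAdmin   = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)

    $self   = Get-CimInstance Win32_Process -Filter "ProcessId=$PID"
    $parent = Get-CimInstance Win32_Process -Filter "ProcessId=$($self.ParentProcessId)"

    # The desktop shell (explorer.exe) in this session runs as the user who logged on.
    $shell = Get-CimInstance Win32_Process -Filter "Name='explorer.exe'" |
             Where-Object SessionId -eq $self.SessionId | Select-Object -First 1
    $desktopUser = if ($shell) { Get-ProcessOwnerName $shell } else { $null }

    # Downloads is a per-user known folder (FOLDERID_Downloads); HKCU belongs to the
    # account the process runs as, not necessarily the account that logged on.
    $key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders'
    $downloads = (Get-ItemProperty -Path $key).'{374DE290-123F-4565-9164-39C4925E467B}'
    if (-not $downloads) { $downloads = Join-Path $env:USERPROFILE 'Downloads' }

    [pscustomobject]@{
        ProcessUser   = $identity.Name
        DesktopUser   = $desktopUser
        Elevated      = $isAdmin
        ParentProcess = if ($parent) { $parent.Name } else { '(exited)' }
        Downloads     = $downloads
        # Heuristic name comparison: true when the process runs under a different
        # account than the desktop, so its Downloads folder is in another profile.
        OtherProfile  = ($desktopUser -and ($desktopUser -ne $identity.Name))
    }
}

Get-ElevationContext | Format-List
```

When `OtherProfile` is true, a Save dialog in that process opens the `Downloads` path shown here rather than the logged-on user's folder, and `ParentProcess` names the program that passed on the elevated token.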