Remote Assistance and the Secure Desktop

During a Windows 7 Remote Assistance session the User has the option of allowing the Helper to respond to UAC prompts, when a User consents to having a Helper share control of the computer. Typically, On a secure desktop, User Account Control prompts appear and consequently the Helper cannot see or respond to Secure Desktop prompts. When user logs on to computer or presses the Secure Attention Sequence (SAS) keys i.e (Ctrl+Alt+Delete) then the Secure Desktop mode is the same mode that a user sees. Instead of the user’s normal desktop to protect the user from unknowingly allowing malware to run with elevated privileges on computer, UAC elevation prompts are displayed on the Secure Desktop. The user must agree to a UAC prompt to return to her normal desktop and continue working. For a user to agree, it requires either clicking Continue or by entering local administrative credentials.

The Windows 7 Security Desktop on the User’s computer is not remoted to the Helper’s computer. This means that, User’s own credentials can only help the Helper to respond to UAC prompts on the User’s computer. In other words, if the User can first supply those credentials then only the Helper can have administrative privileges on the User’s computer. This limitation is necessary to make sure the security of Windows 7 desktops. The reason behind this design decision is that the User would be able to terminate the RA session and thus steal local administrative credentials from the Helper if Remote Assistance was architected to allow the Helper to remotely elevate the User’s privileges.