Gurmit Teotia

Hello,

I need to start and close osk.exe from my application. Once I start it, I'm not able to close it by PostMessage(hWnd,WM_QUIT,0,0). It's returning an "Access Denied" error because of the different IL. My application runs at medium integrity level. "OSK.EXE" is always running at high integrity level. I tried to start "osk.exe" at low or medium integrity level but it was giving the error "requested operation require elevation". If I run my application at high integrity level using "run as administrator" then it works fine. I don't think it is going to be a good experience if the user has to start my application from the "run as administrator" menu every time.

I'd appreciate it if someone can suggest a solution to the above problem.

Regards,

Gurmit



Re: Security for Applications in Windows Vista Closing osk.exe from other application

Gurmit Teotia

God, not a single response. Is this list alive? Another strange thing is that osk.exe by default starts in high integrity level and it is not even asking for user confirmation.



Re: Security for Applications in Windows Vista Closing osk.exe from other application

AndyCadley

osk.exe presumably has UIAccess=true, which is why you can't control it from a medium integrity process (as that would allow you to subvert the entire UIPI mechanism).

I'm not sure this is a great design. What happens if a user already has the on-screen keyboard enabled for their own accessibility needs and your app shuts it down unexpectedly?





Re: Security for Applications in Windows Vista Closing osk.exe from other application

Gurmit Teotia

Thanks for your response Andy. We have a button (both software and hardware) to toggle the keyboard. So it would not be unexpected when the user is explicitly closing the keyboard.

I'm also wondering why osk.exe is starting in high integrity level without user confirmation. Can we start a process in high integrity level without the user's confirmation? If yes then how, and if not then how is osk.exe doing it?





Re: Security for Applications in Windows Vista Closing osk.exe from other application

AndyCadley

Gurmit Teotia wrote:

I'm also wondering why osk.exe is starting in high integrity level without user confirmation. Can we start a process in high integrity level without the user's confirmation? If yes then how, and if not then how is osk.exe doing it?

It doesn't, it has the requestedExecutionLevel set to asInvoker (you can verify this by extracting the manifest using mt.exe). However, because it has UIAccess=true and meets all the necessary conditions (digitally signed, installed in a trusted location etc), it sits the other side of UIPI which means that it can send messages to high integrity applications but also prevents medium/low integrity processes from sending messages to it.





Re: Security for Applications in Windows Vista Closing osk.exe from other application

Gurmit Teotia

I've verified that osk.exe is starting in high integrity level from Process Explorer and my code. True, it has requestedExecutionLevel set to asInvoker and my application is in medium integrity level, still my application starts it and it never asks for user confirmation. Can a medium integrity level process start a new process in high integrity level? That is exactly what is happening with me and you can also verify that.





Re: Security for Applications in Windows Vista Closing osk.exe from other application

AndyCadley

If a process is flagged with UIAccess=true and meets all the necessary requirements, then it will have a high integrity token so that it can send UI messages to high integrity processes. Note that it still won't have Administrative rights if you do this, which is why it doesn't trigger a UAC prompt.



Re: Security for Applications in Windows Vista Closing osk.exe from other application

Gurmit Teotia

Thanks for your response Andy. What are the requirements for a process to start in high integrity level without showing the UAC prompt? I even digitally sign my application. I also want to start my application in high integrity level without a UAC prompt.

Gurmit





Re: Security for Applications in Windows Vista Closing osk.exe from other application

AndyCadley

From: Windows Vista Application Development Requirements for User Account Control Compatibility

"Important

Applications with the uiAccess flag set to true must be Authenticode signed to start properly. In addition, the application must reside in a protected location in the file system. \Program Files\ and \Windows\System32\ are currently the two allowable protected locations."
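
An added example, not part of the thread or of Microsoft's documentation: a small audit helper that reads a manifest (for instance one extracted with mt.exe, as suggested earlier in the thread) and reports which of the quoted uiAccess conditions a binary fails. The sample manifest and paths are constructed, the function names are hypothetical, and the signature status is passed in as an assumption because the code does not verify Authenticode itself.

```python
import ntpath
import xml.etree.ElementTree as ET

# The two protected locations named in the quoted requirement.
PROTECTED_PREFIXES = ("\\program files\\", "\\windows\\system32\\")

# Constructed sample manifest: asInvoker with uiAccess requested.
SAMPLE_MANIFEST = """<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
    <security>
      <requestedPrivileges>
        <requestedExecutionLevel level="asInvoker" uiAccess="true"/>
      </requestedPrivileges>
    </security>
  </trustInfo>
</assembly>"""

def local(tag):
    """Strip the XML namespace so asm.v2 and asm.v3 manifests both match."""
    return tag.rsplit("}", 1)[-1]

def read_execution_level(manifest_xml):
    """Return (level, ui_access) from a manifest, or (None, False) if absent."""
    for elem in ET.fromstring(manifest_xml).iter():
        if local(elem.tag) == "requestedExecutionLevel":
            ui_access = elem.get("uiAccess", "false").strip().lower() == "true"
            return elem.get("level"), ui_access
    return None, False

def in_protected_location(exe_path):
    """True if the normalized path (".." resolved) is under a protected prefix."""
    _, tail = ntpath.splitdrive(ntpath.normpath(exe_path))
    return tail.lower().startswith(PROTECTED_PREFIXES)

def uiaccess_findings(manifest_xml, exe_path, authenticode_signed):
    """List the quoted conditions this binary fails; empty if none apply."""
    _, ui_access = read_execution_level(manifest_xml)
    if not ui_access:
        return []  # the conditions only matter when uiAccess is requested
    findings = []
    if not authenticode_signed:  # assumption: caller checked the signature
        findings.append("not Authenticode signed")
    if not in_protected_location(exe_path):
        findings.append("outside protected location")
    return findings
```
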





Re: Security for Applications in Windows Vista Closing osk.exe from other application

AndyCadley

Also note that if you want to get Logo certification, you'd need to apply for a waiver if you set uiaccess=true. Usually this is reserved for accessibility tools.



Re: Security for Applications in Windows Vista Closing osk.exe from other application

Gurmit Teotia

Excellent, I was able to solve it. Link was very useful.

Thank you.

Gurmit