New
#31
They do, and always have. But if you’ve created the .lnk in another folder, outside the Favorites hierarchy, and moved it into Favorites Bar folder, you’ll never get the prompt because it won’t get the low integrity label. This is due to integrity levels being part of a file’s SACL, with the auditing information. The rules of inheritance are slightly different for SACL entries compared to those of the DACL. SACL ACEs update less often, and tend not to update at all when the item is moved around.
My guess is that, both times (before and after installing the hotfix), you’ve created a shortcut outside Favorites Bar, moved it into Favorites Bar, invoked it and observed no prompt. While when testing internet shortcuts you created them within the Favorites folder hierarchy.
This behaviour is no different before and after hotfix KB3185319. Nothing has changed for shortcuts, only internet shortcuts.
I also have an explanation for this. And you might realise this isn’t so surprising.
The security prompt is strictly related to Windows Explorer and has nothing to do with Internet Explorer or any other browser. When a user invokes a low integrity item from Windows Explorer, Explorer knows, and may decide to intervene in the operation; issue any prompt it likes. The security prompt is precisely part of Windows Explorer.
Applications never receive any warning when it comes to accessing low integrity items (unless they are some how running lower than the Low integrity level, in which case they are denied access from them) because they will either be running at a higher integrity, in which case access is granted, or it will also be running at a low integrity, in which case access is still granted.
When you invoke a shortcut from Windows Explorer, it is able to be confident that you are trying to open the shortcut (seeming assuming it is exposing the user to a security risk).
When you drag-drop a shortcut into an application’s window, the application receives a string of the path to the dropped it. In the case of browsers they will read in the shortcut file directly and carry out suitable actions from there.
Explorer cannot know for sure if the shortcut is being opened, and thus I conclude there’s no chance for a security prompt to occur then.
Yes, I’m learning quite a bit from this discussion as well, UNI. Much more so than that… previous talk we’ve had.