0211: rundll32 Calls (User Account Control)

AdminStudio 11.5 | Application Manager

Edition: This test is included in the AdminStudio Application Compatibility Pack.

For the 0211 OS and Browser Compatibility test, the Windows Installer database is scanned for references to rundll32.exe.

Test Group/Test Category

OS and Browser Compatibility/Windows 7 64-Bit

Severity

Error

Messages

This Windows Installer database contains a custom action calling rundll32.exe (Table:CustomAction, Key: [CUSTOM_ACTION_KEY]).
This Windows Installer database contains a system startup registry entry calling rundll32.exe (Table: Registry, Key: [REGISTRY_ENTRY]).
This Windows Installer database contains a shortcut to rundll32.exe (Table:Shortcut, Key: [SHORTCUT_KEY]).
This Windows Installer database contains a reference to rundll32.exe in Windows Installer property (Table:Property, Key: [PROPERTY]).

Background

The Windows tool rundll32.exe is used to run executable code in DLL files as if it were called by an application. On Windows Vista and later systems, User Account Control (UAC) can cause problems for solutions that use rundll32.exe. When an application that relies on rundll32.exe needs elevated privileges to perform some global tasks, it is rundll32.exe (rather than the application) that requests the UAC elevation prompt. As a result, the user sees a request from Windows host process (rundll32). Without a clear description and icon for the application that is requesting elevation, users have no way to identify the application and determine whether it is safe to elevate it. Any DLL that runs under rundll32.exe and that needs elevation should be modified into an executable file that has its elevation level set in its manifest.

Resolution

The following resolutions are available. Note that this issue is not resolved automatically by default.

Manual Fix

A "Run DLL as an app" DLL call should be wrapped in a separate executable file. Additionally, a manifest file for this executable file should be included with the required elevated privileges setting.

Basic Auto Fix

No resolution is available.

Advanced Auto Fix

No resolution is available.

See Also