Interactive Services in Session 0
AdminStudio 2022 | 23.0 | Application Manager
Note:This test is not applicable to App-V packages.
For this operating system compatibility test, the Windows Installer database is scanned for the presence of services that are being installed or configured and that require interaction with the user’s environment.
Test Group/Test Category
| • | 0307—Operating System Compatibility/Windows 8.1 (32-Bit) |
| • | 0407—Operating System Compatibility/Windows 8.1 (64-Bit) |
| • | 2807—Operating System Compatibility/Windows 10-1809 (and 2019 LTSC) (32-Bit) |
| • | 5207—Operating System Compatibility/Windows 10-1909 (32-Bit) |
| • | 5407—Operating System Compatibility/Windows 10-2004 (32-Bit) |
| • | 5607—Operating System Compatibility/Windows 10-20H2 (32-Bit) |
| • | 5807—Operating System Compatibility/Windows 10-21H1 (32-Bit) |
| • | 7007—Operating System Compatibility/Windows 10-21H2 (32-Bit) |
| • | 2907—Operating System Compatibility/Windows 10-1809 (and 2019 LTSC) (64-Bit) |
| • | 5307—Operating System Compatibility/Windows 10-1909 (64-Bit) |
| • | 5507—Operating System Compatibility/Windows 10-2004 (64-Bit) |
| • | 5707—Operating System Compatibility/Windows 10-20H2 (64-Bit) |
| • | 5907—Operating System Compatibility/Windows 10-21H1 (64-Bit) |
| • | 7107—Operating System Compatibility/Windows 10-21H2 (64-Bit) |
| • | 6707—Operating System Compatibility/Windows 11-21H2 (64-Bit) |
| • | 0507—Operating System Compatibility/Windows Server 2012 |
| • | 0607—Operating System Compatibility/Windows Server 2016 |
| • | 1007—Operating System Compatibility/Windows Server 2019 |
Severity
Error
Message
This Windows Installer database contains interactive service [SERVICE_NAME] ([FILE_NAME]) (Table: ServiceInstall, Key: [SERVICEINSTALL_KEY]).
Background
Windows system processes and services run in Session 0. On systems earlier than Windows Vista, the first user who logged on to the console also used Session 0. Running services and user applications together in Session 0 poses a security risk because services run at elevated privileges and therefore are targets for malicious agents trying to elevate their own privilege levels. To eliminate the security risk, Session 0 is non-interactive on Windows Vista and later systems; that is, the first user logs on to Session 1. However, services still run in Session 0. This means that services that need to display user interface dialog boxes or communicate with user applications must properly secure a communication channel. If this is not done, the services fail to work properly on Windows 7 and later systems.
Resolution
The following resolutions are available. Note that this issue is not resolved automatically by default.
Manual Fix
An application compatible with the specified Windows operating system should be delivered by its manufacturer. Self-developed applications should be re-engineered to establish correct communications with required services that are running in Session 0.
Basic Auto Fix
No resolution is available.
Advanced Auto Fix
No resolution is available.
See Also
Impact of Session 0 Isolation on Services and Drivers in Windows