What is the point of 3rd party services in Windows OS with just one admin/user account?

OpenSource Ghost

As far as I know 3rd party software services in Windows OS simply impersonate administrator account + get system-level permissions/privileges. I can see how that can help in multi-user environments, where at least one user has user-only privileges and cannot launch whichever software that requires administrative privileges. In such a case the respective running service allows the user with user-only privileges to run the software that requires administrator-level privileges.

What about environments where there is only one user who is also the administrator? Why provide software with privileges it doesn't need by running it as service instead of running it as administrator?
 
> As far as I know 3rd party software services in Windows OS simply impersonate administrator account + get system-level permissions/privileges. I can see how that can help in multi-user environments, where at least one user has user-only privileges and cannot launch whichever software that requires administrative privileges. In such a case the respective running service allows the user with user-only privileges to run the software that requires administrator-level privileges.

What are examples of such services?
 
Can they do stuff without the user being logged on? (And being remotely accessible without a local account?)

I can see why a media streaming application like emby-plex would offer to run as a Windows service, and other applications of the sort that are not made to interact with the computer user via any interface at all.
 
> Can they do stuff without the user being logged on? (And being remotely accessible without a local account?)
>
> I can see why a media streaming application like emby-plex would offer to run as a Windows service, and other applications of the sort that are not made to interact with the computer user via any interface at all.

Yeah... Admin impersonation without need for user interaction just screams CVE X - Remote Code Execution - CRITICAL (No User Interaction Necessary). I guess it comes down to "security vs convenience" concept.
 
Malware is not necessary. Check out Microsoft's official Windows Update security fixes and count the number of RCE exploits/vulnerabilities patched each month. That's just the OS. Then there are non-malware 3rd party programs. If malware was the only way to exploit software, then not having such malware would make it OK to run OS completely rooted (TrustedInstaller permission for Windows) or just run everything in kernel-space, both of which are terrible ideas.
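
For anyone who wants to see which third-party services on their own machine run as LocalSystem and start without a logon, here is an audit script using only the built-in `Get-CimInstance` and `Get-AuthenticodeSignature` cmdlets. It is an added example, not something posted by a participant in this thread, and it assumes that "third party" can be approximated as "service binary not signed by Microsoft".

```powershell
# Added example: list non-Microsoft services and the account each one runs as.
# Assumption: a binary whose signer is not Microsoft Corporation is third party.

function Get-ServiceBinaryPath {
    param([string]$PathName)
    # Win32_Service.PathName is a full command line. The executable is either
    # quoted, or it runs up to the first ".exe".
    if ([string]::IsNullOrWhiteSpace($PathName)) { return $null }
    if ($PathName -match '^\s*"([^"]+)"')      { return $Matches[1] }
    if ($PathName -match '^\s*(.+?\.exe)\b')   { return $Matches[1] }
    return ($PathName.Trim() -split '\s+')[0]
}

$report = foreach ($svc in Get-CimInstance -ClassName Win32_Service) {
    $exe = Get-ServiceBinaryPath $svc.PathName
    if (-not $exe) { continue }
    $exe = [Environment]::ExpandEnvironmentVariables($exe)

    $signer = '(unsigned or unreadable)'
    if (Test-Path -LiteralPath $exe) {
        $sig = Get-AuthenticodeSignature -LiteralPath $exe
        if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }
    }
    # Heuristic filter: skip binaries signed by Microsoft.
    if ($signer -match 'O=Microsoft Corporation') { continue }

    [pscustomobject]@{
        Name         = $svc.Name
        Account      = $svc.StartName      # LocalSystem, LocalService, a user, ...
        StartMode    = $svc.StartMode      # Auto = started at boot, before any logon
        State        = $svc.State
        RunsAsSystem = ($svc.StartName -eq 'LocalSystem')
        Binary       = $exe
        Signer       = $signer
    }
}

# Services running as LocalSystem are listed first.
$report |
    Sort-Object -Property @{ Expression = 'RunsAsSystem'; Descending = $true }, Name |
    Format-Table -AutoSize -Wrap
```

Rows with `Account` set to `LocalSystem` and `StartMode` set to `Auto` are the services that hold SYSTEM privileges from boot, whether or not anyone is logged on.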
 