Windows Cloud: Part 3!

In the end, Windows Cloud is nothing more or less than a Professional variant with UMCI (User Mode Code Integrity) enforced.

As such, the only thing preventing its compatibility with existing Windows software* is that UMCI is enabled and active.

Rumours of Win32’s death are exaggerated, to say the least; Windows itself relies on it.

* Centennial apps do not run in an AppContainer, so they are subject to the UMCI signature checks.

In some cases a hacky approach was implemented through SmartScreen, but that’s quite easy to work around. There are no lists of disallowed programs anywhere; it’s done entirely via code signing.
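
A defender-side check for the point above, added here as an example and not taken from the original post: this PowerShell reports whether UMCI is enforced on the local machine and lists recent Code Integrity audit/block decisions. It assumes the `Win32_DeviceGuard` CIM class and the `Microsoft-Windows-CodeIntegrity/Operational` log are available on the build; the function names are hypothetical.

```powershell
# Added example (not from the original post). Function names are hypothetical.

function Get-UmciState {
    # Win32_DeviceGuard reports the enforcement status of the active
    # code integrity policy: 0 = Off, 1 = Audit, 2 = Enforced.
    $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
                          -ClassName Win32_DeviceGuard -ErrorAction Stop
    $names = @{ 0 = 'Off'; 1 = 'Audit'; 2 = 'Enforced' }
    $decode = {
        param($value)
        # Older builds may not populate the property at all.
        if ($null -eq $value) { 'Unknown' } else { $names[[int]$value] }
    }
    [pscustomobject]@{
        KernelModeCI = & $decode $dg.CodeIntegrityPolicyEnforcementStatus
        UserModeCI   = & $decode $dg.UsermodeCodeIntegrityPolicyEnforcementStatus
    }
}

function Get-UmciDecision {
    param([int]$MaxEvents = 50)
    # Event 3076: the file would have been blocked (audit mode).
    # Event 3077: the file was blocked (enforced mode).
    $filter = @{
        LogName = 'Microsoft-Windows-CodeIntegrity/Operational'
        Id      = 3076, 3077
    }
    Get-WinEvent -FilterHashtable $filter -MaxEvents $MaxEvents -ErrorAction SilentlyContinue |
        ForEach-Object {
            [pscustomobject]@{
                Time    = $_.TimeCreated
                Action  = if ($_.Id -eq 3077) { 'Blocked' } else { 'AuditOnly' }
                Summary = ($_.Message -split "`r?`n")[0]
            }
        }
}

function Get-SignerSummary {
    param([Parameter(Mandatory)][string]$Path)
    # A valid Authenticode signature alone does not mean UMCI allows the file;
    # the active policy decides which signers are accepted.
    $sig = Get-AuthenticodeSignature -FilePath $Path
    [pscustomobject]@{
        Path   = $Path
        Status = $sig.Status
        Signer = $sig.SignerCertificate.Subject
    }
}

Get-UmciState
Get-UmciDecision -MaxEvents 20 | Format-Table -AutoSize
```

Comparing `Get-SignerSummary` output for a blocked binary against the event summary shows which signer the policy rejected.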

Comments: 4

  1. fre4kyC0de says:

    Which way did you disable UMCI?
    I just used a private bootmgfw.efi/winload.efi exploit to patch CI!g_CiOptions |= 0x8 and nt!SeILSigningPolicy = 0 inside the kernel.
    Everything works fine. I’m able to install drivers, programs and do what I want.

    • woachk says:

      oh, I used a completely different way which works with SecureBoot enabled 😉

  2. fre4kyC0dde says:

    Mine too. The only problem is that PatchGuard sometimes catches me if I play around with the kernel… (not doing all patches using ROP)

    • woachk says:

      oh, PatchGuard can be disabled at runtime through several ways without crashing in the long term
