Hi Guys,

SOME BACKGROUNG

- I am writing a software for Windows (WinXP and above, in C++), that requires measuring the CPU temperature.

- There are two WMI interfaces for this : MSAcpi_ThermalZoneTemperature and Win32_TemperatureProbe.

Although not all hardware manufactures implement their part in the interface within their drivers.

(http://social.technet.microsoft.com/Forums/de-DE/eecc509c-481d-44d2-b5e5-57cb7174e0d7/ms-windows-should-implement-working-cpu-temperature-monitoring-in-wmi-service?forum=perfmon)

- There are hardware monitors that bypass the user space using a kernel mode driver in order to inject
assembly instructions directly to the processor.

- The Open Hardware Monitor software for example which is open source (written in C#) uses WinRing0.sys.
I modified it into a simple console app that returns the temperature.

- OHM implement the temperature retrieval interface in the following files:
(https://code.google.com/p/open-hardware-monitor/source/browse/trunk/Hardware/?r=366#Hardware%2FCPU)

- (Each model of each hardware manufacture has it's own assembly interface to access the temperature sensors) ~

- There is also a propriety SDK by CPUID, and an extension mechanism by CoreTemp.


MY QUESTION

All of these solutions require a quite restrictive security token - there is a bumping UAC (User Account Control) dialog (Vista and above).
OHM requires system admin privileges for example.

Is there a way to eliminate this?

Some useful links:
http://www.codeproject.com/KB/vista-security/VistaSessions.aspx?msg=3198293
http://www.codeproject.com/Articles/35773/Subverting-Vista-UAC-in-Both-32-and-64-bit-Archite

I tried those techniques without success so far (I am using Win8.0).

Any ideas?

CPU temperature and certain other live performance metrics are classic side-channel attack vectors. It also allows bad guys to verify their attacks are working or suggests to attempt a different attack method. (CPU isn't rising quick enough and the fans didn't shut off? Try a different set of codes...)

There are many good reasons for requiring the permissions.

What are you doing that makes you want to attempt to show the temperatures? Apart from the "Gee Whiz L33t" factor, why does your software need it?

Thanks frob for your comment.
I agree.

This subset is part of a product I am doing for a company, as a freelancer.
I signed an NDA so I can't reveal more details regarding it's use.

Rest assured that If it wasn't legal I wouldn't:
0. do it.
1. ask such question here.

I'm not asking about legality, just the motivation.

I cannot think of a case where a game benefits from tracking the temperature of various hardware. You don't know the tolerances of the hardware or the nature of the sensors or their calibration and accuracy; relying on them for your own performance reasons seems specious. You might be able to show of the numbers "Your CPU reports it is running at 93'F" but the information is mostly there for show. You can't really do anything about it, and basing code actions against the readings is likely to give unsatisfactory results in many cases. If you are going to shut down outside of a temperature range, for example, what about if the temperature reports are faulty? Are you going to shut down if a sensor gives a 5000 degree reading on one sample? Are you going to shut down on a 30'C temperature reading even if the hardware is rated for 40'C or more? Perhaps on a specific set of hardware this might be useful, but in that specific set of cases you could easily get permissions. In a broad user base the information is nearly useless except for show.

There might be ways to get you non-privileged information that meets your needs if you could share your goal. If you cannot share your goal, that is up to you but it will make it harder to give useful alternatives.

If you're looking to avoid the warning happening over and over on developer machines during development, you should be able to create a task and run the task with schtasks.exe /RUN /TN "Taskname" (note: I haven't tested on Win8, but can't imagine they'd have removed this)

If you're looking to use source code to elevate your privilege level without ever having the privilege level in the first place, that would be an exploit and even if you found one that works it would get closed by Microsoft eventually.

On shipping the product, you'd have to obtain a certificate to avoid UAC popups for users.