Loading

Member
  • Posts: 2
  • Joined
  • Last visited
  • Donations: 0.00 USD
  • Country: Mexico

Posts posted by Loading

  1. Well, that was a heated discussion back there.. anyway it doesn't take a genius to understand that DWMglass.dll somehow screws up system security.

    Hell, one of the versions of Aero Glass requires Secure Boot to be disabled??! WTH. No thanks. I'll stick around with ugly flat window borders while I wait for someone to crack Mr. Developer's tool or create a tool of his own, free with no nags.

    Your tool is fantastic, Mr. Developer. Too bad you let yourself be taken by greed.

    cheers.

  2. Spring update debug version does not work for me.
    Get an error saying " user is not mean to run this exe." ...Right.. wait, what?

    So... nice job on the blur. Looks great. Here's what I see. And I checked many times, but correct me if any is wrong:

    - Hooks lsass.exe (Local Security Authority Process) so it can take over the security policy of the entire system

    - Uses that to allow DWM group to assign privileged security tokens that only exist for the purpose of the OS itself to use

    - Hooks DWM and elevates privilege using the new tokens to bypass all security so it can hook csrss.exe

    - Sets the protect flag on csrss.exe so nothing else can touch it (seems like good security until we circle back round)

    - Uses this core system process in a highly restricted security context for the only purpose of showing a nag dialog box, which could be shown anywhere but then it could be closed with the X instead of the No button

    - Leaves DWMGlass.dll in a medium integrity (regular user account, not running under elevation/as administrator) zone

    - So all I need to do to take over a system is replace this file, that's not protected in any way by permissions, integrity level, or any sort of security whatsoever

    No need to even get someone to run anything as admin. No need for an exe file. Just a HKCU reg add, change up DWMGlass.dll a bit, since it's not even locked during user logon (seriously?), and I can do pretty much whatever with anyone who has this cool blur thing installed.

    That's not including all the user level security processes compromised, no point mentioning given kernel security is the same as a text file on the desktop.

    Umm.. Mr. Developer...just checking but... this is a tool to enable Aero Glass, no?

    I don't mind if it's nagware or if you just found the goldmine of your life, but WTH is all that stuff Mr. Aphelion is talking about?
    Care to explain?
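
A defender's check for the file-permission concern raised in the post above, as an added example that is not part of the original posts or of the tool discussed: it parses `icacls` output for a module and lists the non-administrative principals that hold write access to it. The path, account names and sample output are constructed, and the trusted-principal list is an assumption.

```python
import re

# icacls simple and specific rights that allow altering or replacing a file.
WRITE_RIGHTS = {"F", "M", "W", "GA", "GW", "WD", "AD", "DE", "WDAC", "WO"}
# Principals expected to hold write access to a system component (assumption).
TRUSTED = {"NT AUTHORITY\\SYSTEM", "BUILTIN\\Administrators",
           "NT SERVICE\\TrustedInstaller"}
# icacls inheritance flags; these are not access rights.
FLAGS = {"I", "OI", "CI", "IO", "NP"}
ACE_RE = re.compile(r"(?P<who>[^:]+):(?P<groups>(?:\([^)]*\))+)\s*$")

# Constructed sample: placeholder path and made-up accounts, not real output.
SAMPLE_PATH = r"C:\placeholder\module.dll"
SAMPLE = r"""C:\placeholder\module.dll NT AUTHORITY\SYSTEM:(I)(F)
                          BUILTIN\Administrators:(I)(F)
                          BUILTIN\Users:(I)(RX)
                          DESKTOP-EXAMPLE\alice:(M)
                          NT AUTHORITY\Authenticated Users:(DENY)(W)
                          DESKTOP-EXAMPLE\bob:(RX,WD)

Successfully processed 1 files; Failed processing 0 files
"""

def parse_aces(icacls_output, path):
    """Yield (principal, rights, is_deny) for each ACE line of one file."""
    for line in icacls_output.splitlines():
        line = line.strip()
        if line.startswith(path):
            line = line[len(path):].strip()  # drop the path (it contains ':')
        m = ACE_RE.match(line)
        if not m:
            continue  # blank lines and the trailing summary line
        tokens = set()
        for group in re.findall(r"\(([^)]*)\)", m.group("groups")):
            tokens.update(t.strip() for t in group.split(","))
        yield m.group("who").strip(), tokens - FLAGS - {"DENY"}, "DENY" in tokens

def untrusted_writers(icacls_output, path):
    """Return principals outside TRUSTED with an allow ACE granting write access."""
    findings = []
    for who, rights, is_deny in parse_aces(icacls_output, path):
        if not is_deny and who not in TRUSTED and rights & WRITE_RIGHTS:
            findings.append((who, sorted(rights & WRITE_RIGHTS)))
    return findings

if __name__ == "__main__":
    for who, rights in untrusted_writers(SAMPLE, SAMPLE_PATH):
        print(f"{SAMPLE_PATH}: writable by {who} via {','.join(rights)}")
```

An empty result covers the ACL only; it says nothing about the file's integrity label or whether a privileged process actually loads it.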
