0

If a Windows user downloaded and ran a pirated computer game that contained malware and is granted administrative privileges, will it have access to localStorage or browser cookies?

schroeder
  • 123,438
  • 55
  • 284
  • 319
golopot
  • 109
  • 1
  • 3
    If it's got admin privileges, it can potentially access anything. Whether it will depends on what the author implemented – Matthew Apr 20 '17 at 12:37

1 Answers1

2

On PC's the browsers local storage and cookie storage is not specifically protected. This means that any process running with the same or higher privileges as the browser will be able to read and manipulate this storage. Thus, if you run the game as a different and low privilege user it will only be able to access the browser storage if it manages to elevate its privileges by using a security bug. But if you run the game as the same user as you run the browser no such exploit is needed.

Steffen Ullrich
  • 184,332
  • 29
  • 363
  • 424
  • Same user would have access, admin would have access, different non-admin would not. Also note, same-user but sandboxed (for example, most Windows Store app) probably won't have access; it depends on what exactly the sandbox permits. – CBHacking Apr 20 '17 at 17:22