Why does the Windows Experience Index assessment require elevation?

What does the assessment do that can't be done under standard (limited) user permissions? And if the action(s) that necessitate elevation were allowed to be run by a standard user without elevation, what security risks would that open up?

I've read the Wikipedia articles on both the Experience Index assessment itself, and on UAC, as well as a couple of Microsoft articles on both topics and haven't found any helpful information so far.

Dan Henderson

Posted 2015-10-20T19:18:53.127

Reputation: 865

Answers

The thing that it is doing that requires elevated permissions is writing to C:\Windows\Performance\WinSAT\DataStore.

The experience index is a system wide value, windows is designed with the philosophy that a non elevated user should not be able to change a setting that would affect another non elevated user. Most all things in windows that are not user specific require elevation to change.

Scott Chamberlain

Posted 2015-10-20T19:18:53.127

Reputation: 28 923

That's it? So it's not the assessment itself that requires elevation, just the act of recording the result? Wow. Seems like that should have been something they fixed with the UAC overhaul between Vista and Windows 7. – Dan Henderson – 2015-10-20T23:42:52.170

@DanHenderson No, you missed my point, it's not the act of recording the result (although it still does require it), its the act of changing a system level value that affects all users of the system. Non elevated users are not allowed to make changes that affect other non elevated users, that is the reason it needs to be elevated. – Scott Chamberlain – 2015-10-20T23:57:35.370

How does the Experience Index "affect" anyone, though? – Dan Henderson – 2015-10-21T00:53:05.720

1It causes numbers to change and hurts my feelings, Microsoft is making sure you can't hurt my feelings :) – Scott Chamberlain – 2015-10-21T00:57:28.213

I'm not sure if I should create a new question for this follow-up question, mainly because it's probably not answerable (within the scope of this site, anyway): Why does the WEI, a tool that merely evaluates your hardware, record its results in a protected directory, thus requiring elevation, instead of recording its results somewhere that wouldn't require elevation? – Dan Henderson – 2016-01-28T19:52:34.030

(I'm assuming based on this answer that if I could somehow run the tool without elevation, it would still work, it just wouldn't be able to record the result into C:\Windows\Performance\WinSAT\DataStore. And so if I could also somehow provide it an alternate location to record the result, like, say, C:\Users\Dan\AppData\Local\WinSAT\DataStore, it could run perfectly fine without elevation, right?) – Dan Henderson – 2016-01-28T19:54:32.960

Elevation is required to access information about the system. Microsoft has determined that this information requires elevated permissions.

Do note that it will also run some tests, but security wise speaking, it probably could be run by a normal user.

Then again, in system properties, opening device manager also requires elevation. There's not a "view only" mode either, probably for the very same reason.

If its just lazy or it has some technical reasons why it requires elevation is probably only known by Microsoft.

LPChip

Posted 2015-10-20T19:18:53.127

Reputation: 42 190

Note that a non-admin user can launch Device Manager, supply their own credentials, and will get an alert "You are logged on as a standard user. You can view device settings in Device Manager, but you must be logged on as an administrator to make changes." ...which is essentially "view only" mode. – Dan Henderson – 2015-10-20T20:18:50.043

Ah, good point. Didn't know that. Maybe the same applies to the windows experience index, although it may actually need admin permissions to write the index score to the internal database. – LPChip – 2015-10-20T20:20:49.937

Regardless, this answer will need quite a bit of work before I could accept it. 3 out of the 6 sentences are speculative, and the only part that directly addresses the question - "to access information about the system" - needs a lot more detail to be useful. – Dan Henderson – 2015-10-20T20:24:55.700