My application is run as the current user without admin privileges. It then installs a keyboard hook to catch key events using SetWindowsHookEx with WH_KEYBOARD_LL (not the DLL injection one). It works fine for keystrokes into a fellow non-admin window however it doesn't catch any for a window that was run as administrator. I would like it to work for both.
From a security perspective, I suppose this makes sense, however it's quite annoying that this crept up on me (couldn't find anything indicating this in the WinAPI docs). Is there any way I can mitigate this without having to run my application as administrator? Also, would the main alternative, RawInputAPI still have this problem?
Hans Passant's suggestion is the best answer I can find. That is, to specify uiAccess="true" in the app.manifest which appears to work once you get the requirements in place (signed app, protected directory).
Unfortunately there's another problem which is how do I start the app from another signed app with uiAccess. This is a separate question here:
Is it possible to start a process with uiAccess=true from another process with uiAccess=true