CVE-2024-29187 fix broke setup scenario, where setup gets started by a service account

[rkieslinger]

After updating from Wix 3.11.2.4516 to 3.14.1.8722, our setup fails if it gets started by a service account (Managed Service Account or Virtual Service Account).

It seems the newly introduced check, if a process is elevated, always returns true if it is run by a service account. This results in the temp directory always getting created under C:\Windows\Temp, where then the service account without administrator privileges hasn't proper access.

I think the problem also exists in Wix 4 (and maybe 5) (seems to be the same code).

[bevanweiss]

In my very adhoc testing of Burn's handling, it did respect the TMP system variable to determine where to place the Temporary files.
So you could provide a folder that has permissions for your MSA / VSA..

[rkieslinger]

Thx for the information, but I don't really want to tamper with the TMP system variable. There's not really a good point in time when to temporarly change the TMP system variable and also this could have side effects.

IMO it's an obvious bug in an edge case.