A secondary desktop shown to Windows users for security-sensitive prompts, intended to protect against spoofing by malicious software.
The Secure Desktop, introduced in Windows Vista, is a secondary desktop shown to Windows users for security-sensitive prompts, intended to protect against spoofing by malicious software. When the Secure Desktop is active, the normal desktop cannot be accessed until the Secure Desktop is closed. For example, UAC prompts dim the entire desktop area, blocking interaction with any user program until the prompt is closed. The Windows Security screen, which is used for logging onto the computer and (by default) can be accessed by pressing Ctrl+Alt+Delete, also uses the Secure Desktop.
Only trusted processes running as the SYSTEM user can run on the Secure Desktop, ensuring that no malicious program can use it to steal logon credentials. In addition, the Secure Desktop provides its own mouse pointer so that a malicious program cannot, for example, manipulate the cursor to cause the user to click on the Yes button on a UAC prompt when the user intends to click No.
For more information on the Secure Desktop, including technical details on how it works and how it is used to increase the security of UAC prompts, see the MSDN UACBlog entry User Account Control Prompts on the Secure Desktop.
