Windows 7：利用自动提升来提升自己的流程？

…it’s possible for third-party
software running in a PA (Protected Administrator) account with
standard user rights to take advantage
of auto-elevation to gain
administrative rights. For example,
the software can use the
07001 to inject code into Explorer and the
07002 to execute that code,a technique called DLL
injection. Since the code is executing
in Explorer,which is a Windows
executable,it can leverage the COM
objects that auto-elevate,like the
Copy/Move/Rename/Delete/Link Object,
to modify system registry keys or
directories and give the software
administrative rights.

他接着提到恶意软件永远不会这样做,因为它太难了：

…these steps require
deliberate intent,aren’t trivial…

最后

…malware could gain administrative
rights using the same techniques.

所以我很想看到一个实际的实现.

我原以为PROCESS_VM_WRITE将是一个没有给予标准用户的权利.

注意：我自己永远不会做任何不好的事情,对世界上其他所有开发者来说也是如此.