Overview#
Integrity Level, in Microsoft Windows, are represented by Security Identifiers (SIDs).Microsoft Windows defines four integrity levels:
- Low (SID: S-1-16-4096)
- Medium (SID: S-1-16-8192) - Standard MSA receive medium
- High (SID: S-1-16-12288) - elevated MSA receive high
- System (SID: S-1-16-16384)
Processes started and objects you create receive the Integrity Level (medium or high) or low if the executable file's level is low.
System services receive system integrity.
Objects that lack an integrity label are treated as medium by the Operating System; this prevents low-integrity code from modifying unlabeled objects.
Additionally, Windows ensures that processes running with a low Integrity Level cannot obtain access a process which is associated with an app container.
More Information#
There might be more information for this subject on one of the following:- [#1] - Mandatory Integrity Control
- based on information obtained 2020-09-02