cybersecurity

4928 readers

11 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

founded 2 years ago

MODERATORS

shellsharks@infosec.pub

tweedge@infosec.pub

Windows User Account Control Bypassed Using Character Editor to Escalate Privileges (cybersecuritynews.com)

submitted 1 month ago by cm0002@lemmy.world to c/cybersecurity@infosec.pub

19 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] Nighed@feddit.uk 2 points 1 month ago (2 children)

It has some level of additional security I think? some remote access apps have issues with them.

[–] ChaosMonkey@lemmy.dbzer0.com 3 points 1 month ago* (last edited 1 month ago) (1 children)

Yes, by default windows launches UAC prompts in the supposedly isolated "secure desktop" instead of the classical "interactive user desktop".

[–] clb92 3 points 1 month ago

You can also up your UAC security level, so it requires your password, like most Linux distros do. This can (disregarding bypasses like this one) thwart keystroke injection attacks like that from a USB Rubber Ducky.