this post was submitted on 28 Sep 2024
19 points (95.2% liked)
Cybersecurity
5694 readers
196 users here now
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Community Rules
- Idk, keep it semi-professional?
- Nothing illegal. We're all ethical here.
- Rules will be added/redefined as necessary.
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub
Notable mention to !cybersecuritymemes@lemmy.world
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Saved you a click: Exploit requires attacker to already have an account in the local administrators group, and appears to only allow local admin privileges anyway.
You can remap the C:\ drive (including the OS files in system and windows folders) to a location you already control, with exploited system files and dlls, rather than having to go through UAC and confirm you want to use admin privileges to replace them in-situ.
Microsoft doesn't consider this an actual vuln because local admins are already defacto trusted and able to use their admin status to do all this anyway. They could just disable UAC locally anyway.