this post was submitted on 27 Sep 2024
5 points (100.0% liked)

Pulse of Truth

451 readers
45 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 1 year ago
MODERATORS
[email protected]
5
Novel Exploit Chain Enables Windows UAC Bypass (www.darkreading.com)
submitted 3 weeks ago by [email protected] to c/[email protected]
1 comments fedilink hide all child comments
 

Adversaries can exploit CVE-2024-6769 to jump from regular to admin access without triggering UAC, but Microsoft says it's not really a vulnerability.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 3 weeks ago* (last edited 3 weeks ago)

"The account from which the attack is launched must be a member of the local admin group"

Umm, so let me get this straight, so a local admin can fuck up a system?

I'm shocked.

Just another example of why we don't let users be member of the admin group.