Resident Pulser@infosec.pubB to

Pulse of Truth@infosec.pubEnglish · 2 months ago

Novel Exploit Chain Enables Windows UAC Bypass

www.darkreading.com

1

cross-posted to:
cybersecurity@sh.itjust.works

5

Novel Exploit Chain Enables Windows UAC Bypass

www.darkreading.com

Resident Pulser@infosec.pubB to

Pulse of Truth@infosec.pubEnglish · 2 months ago

1

cross-posted to:
cybersecurity@sh.itjust.works

Adversaries can exploit CVE-2024-6769 to jump from regular to admin access without triggering UAC, but Microsoft says it’s not really a vulnerability.

You must log in or # to comment.

Chat

BearOfaTime@lemm.ee
link
fedilink
English
arrow-up
2·
edit-2
2 months ago
“The account from which the attack is launched must be a member of the local admin group”

Umm, so let me get this straight, so a local admin can fuck up a system?

I’m shocked.

Just another example of why we don’t let users be member of the admin group.

Pulse of Truth@infosec.pub

pulse_of_truth@infosec.pub

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !pulse_of_truth@infosec.pub

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

143 users / day
480 users / week
1.26K users / month
3.37K users / 6 months
1 local subscriber
493 subscribers
1.96K Posts
1.29K Comments
Modlog

mods:
krogoth@infosec.pub