Geeks for your information News Privacy & Security News v
Researcher Bypasses Windows UAC by Spoofing Trusted Directory
Researcher Bypasses Windows UAC by Spoofing Trusted Directory
silversurfer Offline
Staff Member
******
Posts: 3,885
Threads: 3,283
Thanks Received: 5,064 in 3,838 posts
Thanks Given: 6,200
Joined: 12 September 18
#1
12 November 18, 20:23
Quote:A security researcher from Tenable, Inc. recently discovered that it is possible to bypass Windows’ User Account Control (UAC) by spoofing the execution path of a file in a trusted directory.  

Tenable’s David Wells recently discovered a new technique that leverages this functionality to ensure that no UAC prompt is displayed when a rogue executable runs. 

Executables that can auto-elevate need to be already configured for auto-elevation (in which case an “autoElevate” key exists for that file), to be properly signed, and to run from a Trusted Directory, such as “C:\Windows\System32,” the security researcher explains

Source: https://www.securityweek.com/researcher-...-directory
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
Brave 1.91.172 (Jun 12, 2026)
Release Notes v1.9...harlan4096 — 11:13
AdGuard VPN for Windows 2.9.3
AdGuard VPN for Wi...harlan4096 — 11:12
Microsoft Edge 149.0.4022.69
Version 149.0.4022...harlan4096 — 11:11
QOwnNotes
26.6.5 Added edit...Kool — 12:03
Microsoft Edge Moves to Two-Week Release...
Microsoft has anno...harlan4096 — 10:44

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
avatar (39)Tedscolo
avatar (46)brakasig
avatar (45)JamesReshy
avatar (47)Francisemefe
avatar (40)leoniDup
avatar (39)Patrizaancem
avatar (39)biobdam
avatar (40)storoBox
avatar (48)kinotHeemn
avatar (39)Ceballos1976
avatar (40)efynu

[-]
Online Staff
There are no staff members currently online.

>