- Dec 30, 2012
- 4,809
As good as a defensive mechanism User Account Control (UAC) is for Windows users against actions requiring administrator privileges, users can be tricked to run an app with elevated rights without raising any suspicion.
Researchers at Cylance security company developed proof-of-concept malware that can achieve this via Windows Command Prompt (cmd.exe) and the Registry Editor (regedit.exe), although the list of programs can be extended.
The focus was on these two utilities because of their importance on the system, as they are intended for running advanced administrative functions or for modify operating system settings.
More
And
http://blog.cylance.com/trick-me-once-shameonuac
Researchers at Cylance security company developed proof-of-concept malware that can achieve this via Windows Command Prompt (cmd.exe) and the Registry Editor (regedit.exe), although the list of programs can be extended.
The focus was on these two utilities because of their importance on the system, as they are intended for running advanced administrative functions or for modify operating system settings.
More
And
http://blog.cylance.com/trick-me-once-shameonuac