by mjg59
1202 days ago
The initial infection requires the ability to execute code as admin under Windows, but the writeup notes that it attempts to bypass UAC to gain that even as an unprivileged user (albeit one who is permitted to run code as admin). If you run as a user who doesn't have admin access you should be protected, even if we don't know the initial infection vector.

That's not very reassuring. Privilege escalation on Windows is a well-studied subject:
https://github.com/swisskyrepo/PayloadsAllTheThings/blob/mas...