- cross-posted to:
- cybersecurity@sh.itjust.works
- cross-posted to:
- cybersecurity@sh.itjust.works
Adversaries can exploit CVE-2024-6769 to jump from regular to admin access without triggering UAC, but Microsoft says it’s not really a vulnerability.
Adversaries can exploit CVE-2024-6769 to jump from regular to admin access without triggering UAC, but Microsoft says it’s not really a vulnerability.
“The account from which the attack is launched must be a member of the local admin group”
Umm, so let me get this straight, so a local admin can fuck up a system?
I’m shocked.
Just another example of why we don’t let users be member of the admin group.