IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [windows-permissions]

50 questions
311
votes
25 answers

Should I let my child's school have access to my kid's personal laptop?

My kid is starting 6th grade and the school requires him to get a laptop and bring it to school. Now the school IT department wants to install some software on the laptop and is asking for administrative access. They want to install Office, Outlook,…
Sushil
  • 2,099
  • 2
  • 7
  • 10
15
votes
3 answers

Windows groups and permissions: Authenticated Users group meaning

What is the purpose of the "Authenticated Users" group in Windows? Under Linux it doesn't exist and I'm starting to think this is another idiosyncrasy or over-engineering of the Windows operating system. Here is why: Assume I want to know what…
dendini
  • 680
  • 2
  • 8
  • 12
13
votes
2 answers

How does consent.exe know what to display?

consent.exe is responsible for showning the UAC dialog. Looking at the command line parameters with Process Explorer, I see the following: consent.exe 1316 748 000000004385BD60 I have read How does the Windows “Secure Desktop” mode work? here on…
Thomas Weller
  • 3,246
  • 3
  • 21
  • 39
6
votes
2 answers

Securing a process from local users

We require a method to run a process on a users machine whereby a local user cannot kill this process (from task manager or otherwise). Is there a way to make this application a system process or make it un-killable. I have gone through all the…
Sachin Aggarwal
  • 161
  • 3
4
votes
2 answers

How can I disable execution of programs from Downloads directory in Windows 10?

I run Windows 10 and I would like the contents of my system default "Downloads" folder to be non-executable. I want at least for a landing zone where I can scan files, run hash checks, and so on. Does this sound right? Change the SYSTEM (and my…
user99573
4
votes
2 answers

What is the main risk of allowing services to logon as NT AUTHORITY\SYSTEM?

Many enterprises run service on production servers as SYSTEM without considering the risk that might arise from this configuration, what is the biggest risk associated with it? and how would attackers exploit this kind of configuration?
Limpid.Security
  • 119
  • 1
  • 1
  • 8
4
votes
1 answer

Does write permission over a windows service always imply privilege escalation?

Context: Doing a lab pentest on a windows VM, I got a shell as LocalService. I modified the binpath to execute a meterpreter. Then I changed the SERVICE_START_NAME to "LocalSystem" by doing: sc config upnphost obj= "LocalSystem" password= "" I…
bolachas
  • 41
  • 1
3
votes
1 answer

System Account in Windows

I was thinking about SYSTEM account on windows 7 and while researching about it, I came to know that it is predefined account used by service control manager (SCM),The account is not recognised by security subsystem what does it mean? I want to know…
raven
  • 241
  • 2
  • 4
  • 13
3
votes
1 answer

Localhost WebSocket defense

If a malicious application has found its way onto a computer running a localhost only WebSocket server, would it help if the communications used SSL? If so, how could SSL fail if a malicious app Had total control over the computer Was a non-root…
user36556
3
votes
0 answers

Exploiting Environment Variables in Scheduled Tasks for UAC Bypass

I am trying to escalate privileges from an ISS user on Windows Server 2012 R2 by exploiting Environment Variables in Scheduled Tasks for UAC Bypass as the following link explains the…
Lucian Nitescu
  • 1,802
  • 1
  • 13
  • 27
3
votes
3 answers

Windows Defender and Windows Processes

When I open up task manager, I see windows processes(services) at the bottom. As a programmer, I want to create a windows process/service for security research(windows defender) but I have some questions, when an executable is run as a windows…
turmuka
  • 179
  • 1
  • 9
3
votes
2 answers

How to find who granted local admin privileges to a user?

A friend of mine works in an organisation and one fine day realised that he has local admin access on his machine. He swear to me that he didn't have the privilege initially and needed to raise requests for installing any software. I verified that…
hax
  • 3,851
  • 1
  • 16
  • 34
3
votes
1 answer

Security benefits of running as standard user vs. administrator

I heard in a podcast a while back (I believe it was Steve Gibson's Security Now) that running Windows as standard user vs. administrator mitigates 99% of Windows vulnerabilities (I think that was the correct percentage I heard). Anyone have a source…
jay-charles
  • 1,209
  • 1
  • 11
  • 14
3
votes
5 answers

May be justified to use generic and shared user accounts in order to segregate and reduce risk?

Imagine I have a group of users called "support" that participates solving different kinds of problems. Each user has a nominal username like jsmith that has not much privileges but additional everyone in this group uses two different user accounts:…
Eloy Roldán Paredes
  • 1,507
  • 12
  • 25
2
votes
2 answers

Attacker able to install screen capturing software in Windows 7 guest account

I am operating in a guest account of Windows 7. Could an attacker that got onto my PC through malware I installed, install a video program that records everything I do and send the result back to his server without knowing my admin password in the…
Fidel Hogsed
  • 91
  • 3
1
2 3 4