Defense in depth — the Microsoft way (part 31): UAC is for binary planting

Posted by Stefan Kanthak on Mar 16

Hi @ll,

the exploit shown here should be well-known to every
Windows administrator, developer or QA engineer.

In Microsoft’s own terms it doesn’t qualify as a security
vulnerability since UAC is a security feature, not a
security boundary.

Preconditions:

* a user running as “protected Administrator” on Windows 7
and newer with standard UAC settings.

JFTR: this is the default for “out-of-the-box” installations…
