Security News > 2017 > March > Hijacking Windows user sessions with built-in command line tools (Help Net Security)
2017-03-20 18:45
Did you know that by using built-in command line tools, any user with system rights and permissions (usually a local administrator) can hijack the session of any logged-in Windows user without knowing that user’s password? He or she can perform the action if they have physical access to the target’s machine, but also remotely via Remote Desktop Protocol (RDP). The capability is not exactly secret, as it has been pointed out by a French security … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/Mr82B7ZQ9HQ/
Related news
- Microsoft: Windows 'inetpub' folder created by security fix, don’t delete (source)
- Don't delete that mystery empty folder. Windows put it there as a security fix (source)
- Windows "inetpub" security fix can be abused to block future updates (source)
- Security Tools Alone Don't Protect You — Control Effectiveness Does (source)
- M365 apps on Windows 10 to get security fixes into 2028 (source)
- ThreatLocker Patch Management: A Security-First Approach to Closing Vulnerability Windows (source)
- Designing a Windows Service for Security (source)