Security News > 2017 > March > Hijacking Windows user sessions with built-in command line tools (Help Net Security)
2017-03-20 18:45
Did you know that by using built-in command line tools, any user with system rights and permissions (usually a local administrator) can hijack the session of any logged-in Windows user without knowing that user’s password? He or she can perform the action if they have physical access to the target’s machine, but also remotely via Remote Desktop Protocol (RDP). The capability is not exactly secret, as it has been pointed out by a French security … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/Mr82B7ZQ9HQ/
Related news
- Broadcom warns of authentication bypass in VMware Windows Tools (source)
- New Security Flaws Found in VMware Tools and CrushFTP — High Risk, PoC Released (source)
- Update VMware Tools for Windows Now: High-Severity Flaw Lets Hackers Bypass Authentication (source)
- GitHub expands security tools after 39 million secrets leaked in 2024 (source)
- WinRAR flaw bypasses Windows Mark of the Web security alerts (source)
- What native cloud security tools won’t catch (source)
- Microsoft: Windows 'inetpub' folder created by security fix, don’t delete (source)
- Don't delete that mystery empty folder. Windows put it there as a security fix (source)
- Windows "inetpub" security fix can be abused to block future updates (source)