Security News > 2017 > March > Fileless UAC Bypass Uses Windows Backup and Restore Utility (Threatpost)

Researcher Matt Nelson disclosed another Windows UAC bypass, this one abusing the sdclt.exe backup and restore utility to execute a payload without triggering an alert.

News URL

http://threatpost.com/fileless-uac-bypass-uses-windows-backup-and-restore-utility/124579/