Security News > 2023 > August > New stealthy techniques let hackers gain Windows SYSTEM privileges
Security researchers have released NoFilter, a tool that abuses the Windows Filtering Platform to elevate a user's privileges to increases privileges to SYSTEM, the highest permission level on Windows.
Microsoft defines the Windows Filtering Platform as "a set of API and system services that provide a platform for creating network filtering applications."
Researchers at cybersecurity company Deep Instinct developed three new attacks to elevate privileges on a Windows machine without leaving too much evidence and without being detected by numerous security products.
The researcher explains that an important driver in Windows operating system called tcpip.
A second technique involves triggering an IPSec connection and abusing the Print Spooler service to insert a SYSTEM token into the table.
A third technique described in Yizhak's post allows obtaining the token of another user logged into the compromised system for lateral movement purposes.