CSO covered Fortra’s disclosure of a Microsoft privilege escalation issue that allows attackers to bypass UAC prompts. Fortra's Tyler Reguly explained that this bypass removes key security checks, posing a risk. Microsoft disagrees, calling it a convenience issue, but the debate continues.
Originally published in CSO.
Excerpt: “Privilege escalation is hardly a new issue, but it is a critical tool in an attacker’s arsenal. Privilege escalation is also a routine part of the administrator’s day, but when an attacker can escalate privileges without an admin being alerted, that can be a disaster. That seems to be the essence of the hole that Fortra is trying to flag.”
