This module uses two different strategies to bypass UAC. The first strategy uses the ICMLuaUtil elevated COM interface to execute a new agent with high integrity level. This method works on 32-bit systems, from Windows 7 up to the latest version. The second one leverages on the Program Compatibility Assistant (PCA) and environment variables expansion to perform a Dll hijack and run a new agent with high integrity level. This method works on 64-bit systems, from Windows 7 up to the latest version, and it is compatible with the highest UAC level (Always Notify).

Exploit Platform

Exploit Type

Exploits

Local

Privilege Escalation

Product Name

Impact

Microsoft Windows Administrator UAC Elevation Bypass

Privacy Policy

Cookie Policy

Terms of Service

Accessibility

Impressum