Windows 10: Windows Privilege Elevation Management

Discussion in 'AntiVirus, Firewalls and System Security' started by CyberMan88, Apr 28, 2020.

  1. Windows Privilege Elevation Management


    Hello,

    I am configuring our privilege manager for our workstations at my business. I am having a debate on whether I want to allow ANYTHING to elevate from "trusted" directories i.e. Program Files and Windows directories that are owned by elevated users or make dozens of filters and policies. In order to install something here you would need to have elevated privileges anyway. I'm considering this because we have a small security team and managing creating policies for every single file that users would need to elevate can be tedious. Is this a terrible idea or would this be acceptable? What kind of exploits if any would I be opening myself up to? Appreciate any examples or feedback! Thank you!

    :)
     
    CyberMan88, Apr 28, 2020
    #1
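The question above rests on the premise that writing into Program Files or the Windows directory always requires elevation. The following PowerShell audit is an added example, not part of the original thread or of any privilege manager product. It lists directories under those roots where a principal outside an assumed elevated set holds a write-type permission. The set of SIDs treated as elevated and the choice of rights in the mask are assumptions to adjust for your environment.

```powershell
# Added example: find directories under the "trusted" roots where a principal
# outside the assumed elevated set holds a write-type permission.
$roots = @($env:ProgramFiles, ${env:ProgramFiles(x86)}, $env:windir) |
    Where-Object { $_ -and (Test-Path -LiteralPath $_) }

# Assumption: only these well-known SIDs count as elevated.
$elevated = @(
    'S-1-5-18',      # NT AUTHORITY\SYSTEM
    'S-1-5-32-544',  # BUILTIN\Administrators
    'S-1-3-0',       # CREATOR OWNER (placeholder, resolved when an object is created)
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'  # TrustedInstaller
)

# WriteData | AppendData | Delete | ChangePermissions | TakeOwnership,
# plus GENERIC_WRITE and GENERIC_ALL, which inherit-only ACEs can carry unmapped.
$writeMask = 0x2 -bor 0x4 -bor 0x10000 -bor 0x40000 -bor 0x80000 -bor
             0x40000000 -bor 0x10000000

$sidType = [System.Security.Principal.SecurityIdentifier]
$ntType  = [System.Security.Principal.NTAccount]

$findings = foreach ($root in $roots) {
    # The root itself plus every real subdirectory (junctions and symlinks skipped).
    $dirs = @(Get-Item -LiteralPath $root) +
            @(Get-ChildItem -LiteralPath $root -Recurse -Force `
                -Attributes 'Directory+!ReparsePoint' -ErrorAction SilentlyContinue)
    foreach ($dir in $dirs) {
        try { $acl = Get-Acl -LiteralPath $dir.FullName -ErrorAction Stop }
        catch { continue }   # unreadable ACL: run the audit elevated to cover these
        foreach ($ace in $acl.GetAccessRules($true, $true, $sidType)) {
            if ($ace.AccessControlType -ne 'Allow') { continue }
            if ($elevated -contains $ace.IdentityReference.Value) { continue }
            if (([int]$ace.FileSystemRights -band $writeMask) -eq 0) { continue }
            # Show a friendly account name when the SID resolves, else the raw SID.
            $name = try { $ace.IdentityReference.Translate($ntType).Value }
                    catch { $ace.IdentityReference.Value }
            [pscustomobject]@{
                Path      = $dir.FullName
                Principal = $name
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
            }
        }
    }
}
$findings | Sort-Object Path, Principal | Format-Table -AutoSize -Wrap
```

Any directory it lists is one where the "you need elevation to install here" premise does not hold, which makes it a candidate for exclusion from a path-based elevation rule or for an ACL fix.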
  2. Gerry C J Cornell, Apr 28, 2020
    #2
  3. Scheduled tasks run with elevated privileges can't access stored Windows credentials

    It seems that after Creators update scheduled tasks run with elevated privileges ('run with highest privileges' option) can't access stored Windows credentials. Is that a bug or an intentional change and is there a recommended workaround?

    Here's one way to reproduce the behaviour:

    1. Start Credential Manager and add some Windows share credentials.
    2. In a console window type 'cmdkey /list', which should list the added credentials.
    3. Create a task in a task manager:
      • Trigger: on user logon
      • Action: run cmd.exe
      • Tick the 'run with highest privileges' option
    4. Reboot the machine and log in.
    5. In the console window (let's call it 'console 1') opened from the scheduled task type 'cmdkey /list'. This most likely won't display the credentials added in step 1 and properly listed in step 2. -> This looks like a bug.
    6. Now, without closing 'console 1', open another console window as an administrator (let's call it 'console 2') and type 'cmdkey /list'. This will properly list credentials added in step 1.
    7. Switch to 'console 1' and type 'cmdkey /list' again. This time the credentials are listed properly, unlike in step 5. It looks like access to Windows credentials was somehow 'unlocked' by step 6.
     
    MarcinMrowiec, Apr 28, 2020
    #3
  4. Windows Privilege Elevation Management

    Never prompted to elevate privilege as administrator


    OK, I tried Dinesh's tutorial. First, here's a list of accounts for my machine:


    [IMG]


    I held down Shift and rebooted, and got the WinRE splash screen. I was prompted to log in, with "Dan" my only option:


    [IMG]


    If I clicked on "Don't see your account", I got this:


    [IMG]


    Is it suggesting that "Dan" is an administrator account? Oh, that it were so... I went back, selected the "Dan" account, and it booted into command prompt. I then attempted the first of Dinesh's instructions:


    [IMG]


    Hello darkness, my old friend... "Access Denied."

    Dan
     
    shortmort37, Apr 28, 2020
    #4