Print Page - Can Secondary Logon service be used by attackers if they know an acc password?

Title: Can Secondary Logon service be used by attackers if they know an acc password?
Post by: lunarlander on December 20, 2021, 10:37:02 AM

Hi,

Since your program mandates the Secondary Logon service, can it be utilized by attackers if they know a password? Then they could run a program with admin rights if they know the password to an admin account.

Title: Re: Can Secondary Logon service be used by attackers if they know an acc password?
Post by: fixer on December 21, 2021, 09:09:50 PM

If an isolated process starts a non-isolated process, it's considered a weird behavior and blocked.

ReHIPS forum

English Subforum => ReHIPS => Topic started by: lunarlander on December 20, 2021, 10:37:02 AM