module
Microsoft Spooler Local Privilege Elevation Vulnerability
| Disclosed |
|---|
| Nov 4, 2019 |
Disclosed
Nov 4, 2019
Description
This exploit leverages a file write vulnerability in the print spooler service
which will restart if stopped. Because the service cannot be stopped long
enough to remove the dll, there is no way to remove the dll once
it is loaded by the service. Essentially, on default settings, this module
adds a permanent elevated backdoor.
which will restart if stopped. Because the service cannot be stopped long
enough to remove the dll, there is no way to remove the dll once
it is loaded by the service. Essentially, on default settings, this module
adds a permanent elevated backdoor.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.