this post was submitted on 16 Apr 2025
69 points (97.3% liked)

Cybersecurity

[–] [email protected] 12 points 6 days ago

9x was not secure. User credentials were only used to load a user profile, but there was no functionality to deny access to anything, and you did not need to log on with credentials.

NT and 2000 forward have been secure(r), with actual permissions (file/folder, registry, services, etc.) applied to user accounts.

Much of the crying about Windows not being secure stems from people using admin-level accounts to do day-to-day things, and then getting tricked into clicking things they shouldn't. Microsoft kind of mitigated this with UAC prompts, but the everyday user is "annoyed" by those, so people figure out how to turn UAC off, or just blindly click through the warnings. Hell, remember when the first UAC prompts out of Vista were "so annoying" that Microsoft had to scale back their frequency, because people didn't like it?

This particular security situation is not any of the above. It stems from an actual code exploit. Which, by my reading, has been fixed?

Anyway - a vast majority of the "Windows is not secure" is a direct result of users running as root. Which you can do on any operating system.