Local Windows Admins Can Hijack Sessions Without Credentials

Take a moment to read this article, watch the demonstrations, and then contemplate the implications.  For a long time, protecting local administrative access meant protecting the confidentiality of the data stored on the server or PC tethered to those local admin credentials.  This exploit / vulnerability / Windows feature (select your viewpoint here) changes the game and injects another leg of the security triad stool – integrity.  Data stored or associated with a specific user session can be accessed as that user without compromising that user’s credentials and without leaving any significant forensic fingerprints.

This article alludes to the fact that Microsoft is well aware of this “feature” and most likely has no intentions of changing it.  As such, we as IT security professionals and general IT practitioners must take necessary steps to mitigate the possibility of exploitation.

https://threatpost.com/local-windows-admins-can-hijack-sessions-without-credentials/124427/