This allows an attacker to download and install malicious software on a system through a compromised email or a drive-by download on a compromised website. An attacker may also be able to take control of an infected system and exfiltrate data through a direct connection. Furthermore, if an attacker has root access to an account, they can escalate privileges on the system and fully control it. The weaknesses in the Windows file permission model have been well documented. Microsoft has been working to address these issues through the Windows Security Development Lifecycle (SDL). At release of 22, most of the SDL issues have been addressed. However, some areas of weakness remain. The most significant of these is the handling of public profiles.

How an attacker can take control of a system

An attacker may be able to take control of a system by exploiting a weakness in the Windows file permission model. Permissions are set based on the user context, which means that if an attacker can gain access to your account, they can potentially change permissions on any file they want. This comes with the risk of giving attackers full administrator privileges. If you want to mitigate this risk, change the default permissions for files and folders so all users have read/write permissions, or use third-party software like TrustLook.

Windows file permission model

The Windows file permission model is a system of rules and attributes that define who has access to files and folders on a system and how they can be accessed. This is primarily done through the use of Access Control Lists (ACLs) stored in the Windows Registry. When an ACL is created, it starts with the Administrator account and any other accounts that have been granted administrator privileges. The privileges of these accounts are extended to their children and grandchildren, which means that any child account inherits the permissions from its parent. If these privileges are not removed when they no longer apply, they could give an attacker full control over a system. This issue was addressed with Windows Vista in Service Pack 1, but still exists in later releases of Vista.
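To review which grants on a folder are inherited and which are set explicitly, the added example below (not part of the original page) parses a security descriptor in SDDL text form, such as the `Sddl` property returned by PowerShell's `Get-Acl`, and lists every allow entry that carries write-type access. The function names and the sample descriptor are constructed for illustration, and only a subset of SDDL aliases is handled (no conditional ACEs).

```python
import re

# Subset of well-known SID aliases used in SDDL strings.
SID_ALIASES = {"BA": "BUILTIN\\Administrators", "SY": "NT AUTHORITY\\SYSTEM",
               "BU": "BUILTIN\\Users", "AU": "NT AUTHORITY\\Authenticated Users",
               "WD": "Everyone"}
# Subset of SDDL rights aliases and their access masks.
RIGHT_ALIASES = {"FA": 0x1F01FF, "FR": 0x120089, "FW": 0x120116, "FX": 0x1200A0,
                 "GA": 0x10000000, "GX": 0x20000000, "GW": 0x40000000,
                 "GR": 0x80000000, "SD": 0x10000, "RC": 0x20000,
                 "WD": 0x40000, "WO": 0x80000}
# Write data, append data, DELETE, WRITE_DAC, WRITE_OWNER, GENERIC_ALL, GENERIC_WRITE.
WRITE_BITS = 0x2 | 0x4 | 0x10000 | 0x40000 | 0x80000 | 0x10000000 | 0x40000000

def pairs(field):
    """Split a field of two-letter SDDL tokens, e.g. 'OICIID' -> ['OI', 'CI', 'ID']."""
    return [field[i:i + 2] for i in range(0, len(field), 2)]

def rights_mask(field):
    """Convert an SDDL rights field (hex mask or alias run) to an integer mask."""
    if field.lower().startswith("0x"):
        return int(field, 16)
    mask = 0
    for token in pairs(field):
        mask |= RIGHT_ALIASES[token]
    return mask

def parse_dacl(sddl):
    """Return (protected, aces); protected means inheritance from the parent is blocked."""
    m = re.search(r"D:([A-Z_]*)((?:\([^)]*\))+)", sddl)
    if not m:
        raise ValueError("no DACL found in SDDL string")
    aces = []
    for body in re.findall(r"\(([^)]*)\)", m.group(2)):
        ace_type, flags, rights, _obj, _inherit_obj, sid = body.split(";")[:6]
        aces.append({"allow": ace_type == "A", "inherited": "ID" in pairs(flags),
                     "mask": rights_mask(rights), "trustee": SID_ALIASES.get(sid, sid)})
    return "P" in m.group(1), aces

def write_capable(sddl):
    """List (trustee, origin) for each allow ACE that grants write-type access."""
    _, aces = parse_dacl(sddl)
    return [(a["trustee"], "inherited" if a["inherited"] else "explicit")
            for a in aces if a["allow"] and a["mask"] & WRITE_BITS]

# Constructed sample: one explicit ACE followed by three inherited ACEs.
SAMPLE = ("O:BAG:SYD:AI(A;OICI;FA;;;BA)(A;OICIID;FA;;;SY)"
          "(A;OICIID;0x1301bf;;;BU)(A;OICIID;0x1200a9;;;AU)")

if __name__ == "__main__":
    for trustee, origin in write_capable(SAMPLE):
        print(f"{trustee}: write-capable ({origin})")
```

Entries reported as inherited have to be changed on the parent folder they come from; entries reported as explicit are set on the object itself.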

Timeline

Published on: 11/12/2022 00:15:00 UTC
Last modified on: 11/16/2022 18:15:00 UTC

References