user access control Archives

Winsage

May 21, 2025

Windows 11 Introduces Enhanced Administrator Protection to Strengthen Security Against Elevated Privilege Attacks

Microsoft has launched Administrator Protection for Windows 11, a feature designed to enhance cybersecurity by preventing privilege escalation attacks. This feature creates a security boundary around administrative operations, reducing the attack surface for cybercriminals. It introduces a hidden, system-managed local user account that generates isolated admin tokens, preventing user-level malware from compromising elevated processes. Administrator Protection eliminates auto-elevation functionality, requiring users to explicitly authorize administrative actions. It utilizes a System Managed Administrator Account (SMAA) that generates non-persistent admin tokens for specific tasks, which are discarded after use. The feature is currently available to Windows Insiders in the Canary channel and will expand to the Dev channel, with broader deployment expected in the 24H2 release. Compatibility challenges may arise in complex development environments, such as with Visual Studio.

Tech Optimizer

May 6, 2025

Databricks reportedly could acquire serverless database startup Neon for $1B+

Databricks Inc. is in advanced discussions to acquire Neon Inc., a startup specializing in a commercial version of the open-source PostgreSQL database, with the deal anticipated to exceed billion. Neon, based in San Francisco, has raised over 0 million in funding, including contributions from Microsoft's M12 fund. Neon’s PostgreSQL distribution features a serverless architecture that dynamically adjusts hardware resources based on workload demands, allowing for separate provisioning of storage and processing power. It also includes an innovative connection pooling feature to minimize resource drain when establishing network connections. Neon enhances its offering with a cybersecurity tool for granular user access control and the ability to revert databases to previous states in case of data loss. Databricks' interest in Neon may be linked to its suitability for AI applications, as it supports vector storage and can provision new database instances in as little as one second. Databricks has been actively pursuing acquisitions to enhance its AI capabilities, including recent purchases of Fennel AI Inc., Lilac AI Inc., and MosaicML Inc.

Winsage

September 27, 2024

Novel Exploit Chain Enables Windows UAC Bypass

Researchers have identified a security concern designated as CVE-2024-6769, which involves user access control (UAC) bypass and privilege escalation vulnerabilities in the Windows operating system. This flaw could allow an authenticated attacker to gain complete system privileges. Fortra rated the vulnerability with a medium severity score of 6.7 out of 10 on the CVSS scale. The attack requires an attacker to have medium integrity-level privileges of a standard user in the administrative group. The attacker can manipulate the system's root drive and use a counterfeit DLL to execute code at an elevated privilege level. Microsoft does not classify this as a vulnerability, stating that administrative processes are part of the Trusted Computing Base (TCB) and implying that they are not strongly isolated from the kernel boundary. Fortra argues that this undermines the credibility of UAC as a security feature. Only administrators are affected by this vulnerability, and vigilance is recommended for businesses to mitigate risks associated with privilege escalation.