Problem solve Get help with specific problems with your technologies, process and projects.

What are elevated privileges and why do they make my systems vulnerable?

Concerning your response to How can I stop administrators from taking their computers out of the domain?, can you please clarify and give examples of what you mean by "think of the elevation of privilege attacks that might provide them with elevated privileges on other machines (including servers and domain controllers)"?
If an attacker is able to gain access to LSA secrets (possibly by using lsadump2), then they might discover the user name and password for a service account. Accounts that are used to run services may have privileges beyond that held by the user of the compromised account and maybe domain-level accounts. Armed with the information, the attacker can log on and now have those privileges. If the account is a domain account, his privileges extend to many computers in the domain, not just the one he was able to compromise.
This was last published in February 2003

Dig Deeper on User passwords and network permissions

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.