Raiders of the Elevated Token: Understanding User Account Control and Session Isolation Raymond P.L. Comvalius Independent IT Infrastructure Architect.

Presentation transcript:

Raiders of the Elevated Token: Understanding User Account Control and Session Isolation Raymond P.L. Comvalius Independent IT Infrastructure Architect NEXTXPERT WCL325

@nextxpert

The Administrator: The account named ‘administrator’
An Administrator: Your name with administrator privileges
Protected Administrator: AKA ‘Administrator in Admin Approval Mode’
Standard User: Your name without administrator privileges

Administrators, Backup Operators, Power Users, Network Configuration Operators, Cryptographic Operators, Domain Admins, Schema Admins, Enterprise Admins, Group Policy Creator Owners, Domain Controllers, Enterprise Read-Only Domain Controllers, Account Operators, Print Operators, Server Operators, RAS Servers, Pre-Windows 2000 Compatible Access
Remove all except: Bypass traverse checking; Shutdown the System; Remove computer from Docking station; Increase a process working set; Change the Time zone

With or without administrative privileges Analyzing the User Token Demo

Configuring UAC Demo

System: Services
High: Administrators
Medium (Default): Standard Users
Low: IE Protected Mode

Integrity Level: Medium (Restricted Token)
Integrity Level: High (Elevated Token)

Internet Explorer 8 Internet Explorer 9/10

iexplore.exe (management process) iexplore.exe (content process) Protected-mode Broker Object UI Frame Favorites Bar Command Bar Browser Helper Objects ActiveX Controls Toolbar Extensions Browser Helper Objects ActiveX Controls Toolbar Extensions

Integrity Levels Demo

File & Registry Virtualization Demo

File Names & Manifests Demo

Compatibility Settings Demo

Session 0 Isolation Demo

Diagram: Kernel Drivers; User-mode Drivers; Service 1, Service 2, Service 3, Service …, Service …; Service A, Service B

Concluding

WCL301: Case of the Unexplained
Find Me Later At the Technical Learning Center
WCL402: App Compat for Nerds
