By default, modern Windows operating systems operate under the principle of least privilege, meaning applications run with standard user permissions even when the logged-in user is an administrator. This report examines the mechanics, use cases, and security implications of the "Run as Administrator" feature.

🛠️ Mechanism of Action

When a user selects "Run as Administrator," Windows uses the User Account Control (UAC) framework to transition the application's process from a standard token to an administrative token.

- An elevation request triggers a prompt on the secure desktop. If the user is a standard account, they must enter an administrator's credentials; if the user is an administrator, they simply click "Yes" to consent to the elevation.
- Once elevated, the application gains the ability to modify protected system directories (such as C:\Windows), change the registry, and manage system-level services.

📋 Common Use Cases

- Running older applications designed before UAC was introduced, which expect continuous write access to root drives or system folders.

⚙️ How to Execute "Run as Administrator"

🔒 Security Implications

- If a malicious application or a compromised web browser is run as an administrator, it gains full access to the entire operating system, enabling it to install malware or steal sensitive system files.
- Attackers often abuse software that is already running as an administrator to gain unauthorized system access. For instance, opening a file dialog from an elevated application (such as Notepad running as admin) can allow an attacker to launch an elevated command prompt without triggering a new UAC prompt.
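As an added example (not part of the original report), the following PowerShell script shows the token transition described above from the inside: it reports whether the current process holds the full administrative token and at which integrity level, and reads the UAC policy values that decide whether the secure-desktop consent prompt appears at all. It assumes Windows PowerShell 5.1 or PowerShell 7 running on Windows with read access to the policy key.

```powershell
# Added example, not from the original report. Assumes PowerShell on Windows.
# Inspect the current process token and the UAC policy that governs elevation.
function Get-TokenElevationInfo {
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = [Security.Principal.WindowsPrincipal]$identity
    $adminRole = [Security.Principal.WindowsBuiltInRole]::Administrator

    # The token's integrity level is carried as a group SID of the form S-1-16-<RID>.
    $levels = @{
        'S-1-16-4096'  = 'Low'
        'S-1-16-8192'  = 'Medium'
        'S-1-16-12288' = 'High'
        'S-1-16-16384' = 'System'
    }
    $labelSid = ($identity.Groups | Where-Object { $_.Value -like 'S-1-16-*' } |
                 Select-Object -First 1).Value
    $level = if ($labelSid -and $levels.ContainsKey($labelSid)) { $levels[$labelSid] } else { 'Unknown' }

    [pscustomobject]@{
        User           = $identity.Name
        # True only when the process holds the full administrative token,
        # i.e. it was started via "Run as Administrator" or UAC is disabled.
        IsElevated     = $principal.IsInRole($adminRole)
        IntegrityLevel = $level
    }
}

function Get-UacPolicy {
    # Policy values live under this key; a missing value means the default applies.
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $p = Get-ItemProperty -Path $key -ErrorAction Stop
    [pscustomobject]@{
        # 1 = UAC on. 0 = every administrator process gets the full token silently.
        EnableLUA                  = $p.EnableLUA
        # 0 = elevate without prompting, 2 = prompt for consent on the secure desktop,
        # 5 (default) = prompt for consent only for non-Windows binaries.
        ConsentPromptBehaviorAdmin = $p.ConsentPromptBehaviorAdmin
        # 1 = the consent/credential prompt is shown on the secure desktop.
        PromptOnSecureDesktop      = $p.PromptOnSecureDesktop
    }
}

# Report the token state and flag UAC settings a defender would want to review.
$token  = Get-TokenElevationInfo
$policy = Get-UacPolicy
$token; $policy
if ($policy.EnableLUA -eq 0) { Write-Warning 'UAC is disabled: no elevation prompt will ever appear.' }
if ($policy.ConsentPromptBehaviorAdmin -eq 0) { Write-Warning 'Administrators elevate silently (no consent prompt).' }
if ($policy.PromptOnSecureDesktop -eq 0) { Write-Warning 'Prompt is not isolated on the secure desktop.' }
```

Run it once from a normal PowerShell window and once from one started via "Run as Administrator" to see IsElevated flip from False to True and IntegrityLevel from Medium to High.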