Windows (in)security

Sam Berry
Sam Berry
Nov 8, 2020 · 3 min read

In 2017, DZone wrote a really cool article about a windows exploit that a German student discovered that takes advantage of the trusted binary ‘fodhelper.exe’ that is a part of windows. It is located in System32 and is signed by Microsoft, so when you run it, the UAC prompt (pictured below), which is normally required to run a program as an administrator, is not required.

uac prompt