This is where things get complicated. It is often argued that this is like a security hole.
“With the proof of concept given, we are making an act of presenting the supreme command. This can be done by the administrator, but they will get a UAC prompt. Instead, we use a more aggressive approach, and you don’t get the UAC prompt,” Reguly said. “If UAC is a security feature and we’re using something that wouldn’t normally require a UAC prompt without one, that sounds like overriding the security feature to me. Microsoft, traditionally, has a pass-through security feature fixed, but, in this case, due to the wording of the Microsoft Security Servicing Criteria for Windows, this is not the case. “
That last line is actually the crux of Microsoft’s argument. In the Windows Security Service Terms, Microsoft states that “Administrative processes and users are considered part of the Trusted Computing Base (TCB) of Windows and are therefore not strictly isolated from the kernel boundary. Administrators control device security and can disable security features, issue security updates, and perform other actions that disable kernel isolation. This includes actions that require Administrator permissions such as registry entries with HKEY_LOCAL_MACHINE and any attack where the attacker has Local or Domain Administrator access.
Source link