Cybersecurity analysts have outlined four distinct weaknesses within a fundamental element of the Windows task scheduling service that could potentially be leveraged by local assailants to gain elevated permissions and eliminate logs to obscure traces of nefarious actions.
The vulnerabilities have been identified in a file called “schtasks.exe,” which allows an administrator to generate, remove, inquire, modify,