Sunday, April 10th, 2016 at 3:44 pm
The build brings new changes targeting previously exploited dll-hijacking and uac bypass method vulnerabilities.
cliconfg.exe – can no longer be used as target for autoelevation as MS changed it manifest to autoelevate=false.
mmc.exe – event viewer console fixed, dll hijacking no longer works.
fake IIS inetmgr.exe launch from inetsrv appinfo hardcoded directory fixed too – Windows will not allow you to run & autoelevate anything except legit InetMgr.exe from system32\inetsrv directory.
Bypasses alot of the methods used by UACme that is posted in my ::Wiki::