What is a privilege escalation attack?

A privilege escalation attack is when a malicious user or software process manages to get higher permissions – and thus more control over a computer system – than would usually be granted.

This can be achieved by exploiting a bug, vulnerability or poor configuration in a software application or operating system, by exploiting stolen login credentials, or through social engineering scenarios designed to trick an authorised user into giving a malicious process or user access to things they shouldn’t.

Stolen credential attacks are a very good example of why you should regularly check to see if your passwords have been compromised. Other exploits take advantage of features that are actually working as they’re supposed to, such as the venerable Windows Sticky Key exploit, which could leverage accessibility features to open a command shell on some versions of Windows.

The most newsworthy privilege escalation attacks are those that exploit “zero-day” (previously unknown) software vulnerabilities that haven’t yet been discovered and widely patched (protected against via a software update).

New privilege escalation vulnerabilities turn up – and are usually promptly patched – every couple of weeks. They’re usually not announced until fixes are available and most are restricted to specific software applications.

Newsworthy examples with a broader reach have included:

And yes, major vulnerabilities frequently do get entirely ridiculous names.

The good news for average users is that most of these vulnerabilities require access to a less privileged local account to be taken advantage of, and home PCs by default don’t usually expose themselves to the internet in easily exploitable ways.

Am I in danger of a privilege escalation attack?


If your standard user accounts (and any accounts used by specific applications) are secured with strong passwords and solid network defences, such as a properly configured firewall between local systems and the wider internet, the practical threat to your average home user is minimal.

It’s more of a threat for business networks, virtual machine hypervisors (servers that host and control virtual machines, found both in local enterprise networks and online server hosting) and internet-facing systems such as web or game servers. The log4j vulnerability I mentioned can be exploited on unpatched versions of Minecraft, allowing bad actors to execute software on both vulnerable servers and connected clients.

Needless to say, Minecraft’s developer, Microsoft-owned Mojang, was quick to roll out patches for official versions of the client, but that still left some modified versions of both client and server exposed until manually patched.

As a user, if you keep your operating system and software up-to-date, then you’ve little to worry about. Many antivirus and security suites include update and vulnerability scanners to help you keep up. If you’re a system administrator, being aware of vulnerabilities as soon as they’re announced and making sure that you apply patches promptly is a significant part of your responsibilities.

K.G. Orphanides is a writer and developer whose areas of expertise include internet security, VPNs, Linux for the desktop, small-scale game development, software preservation and computer audio techno…

Founded in 2003, Trusted Reviews exists to give our readers thorough, unbiased and independent advice on what to buy.

Today, we have millions of users a month from around the world, and assess more than 1,000 products a year.

Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.

We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.
