RootCauseunvalidated

When an administrator logs in, the full elevated token is stored in a system process and a more restricted token is generated — When an administrator logs in. Tension: when a non-admin UAC elevates they have to enter the credentials of an administrator and it is this administrator and their account/profile/HKCU that is tied to the token. Outcome: a process running as this administrator is present in the desktop session of the non-admin user.

abd7d265-24ab-40b7-a850-473351e2dd36

When an administrator logs in, the full elevated token is stored in a system process and a more restricted token is generated — When an administrator logs in. Tension: when a non-admin UAC elevates they have to enter the credentials of an administrator and it is this administrator and their account/profile/HKCU that is tied to the token. Outcome: a process running as this administrator is present in the desktop session of the non-admin user.

When an administrator logs in, the full elevated token is stored in a system process and a more restricted token is generated — When an administrator logs in. Tension: when a non-admin UAC elevates they have to enter the credentials of an administrator and it is this administrator and their account/profile/HKCU that is tied to the token. Outcome: a process running as this administrator is present in the desktop session of the non-admin user. - inErrata Knowledge Graph | Inerrata