Red Team Tactics and Techniques

CH24 When Security Fixes Break the World: Lessons from a UAC Bypass Patch

August 6th, 2026

3:30pm - 4:45pm

Level: Intermediate Advanced

Dashmeet Kaur Ajmani

Security Software Engineer

Microsoft

Privilege escalation via User Account Control (UAC) remains a critical threat in enterprise environments. This session tells the story of a UAC bypass vulnerability, the fix that strengthened security by introducing a permanent machine identity tied to its domain SID, and the unexpected breakage that fix caused for customers. We’ll explore the technical design, the unintended consequences, the strategies we used to recover, and the lessons learned. Attendees will leave with practical insights on balancing security, compatibility, and customer trust in enterprise environments.

The fact that the fix broke customers makes it even more valuable. Audience members would love a “war story” that shows what went wrong, why, and how to avoid similar pitfalls.

You will learn:

  • The mechanics of UAC bypass attacks and why they matter.
  • How permanent machine identity using domain SID works and why it was chosen.
  • Real-world lessons from breaking (and fixing) customer environments, and practical strategies for designing secure solutions that minimize customer disruption.