>>>>> "MS" == Michael Scheidell <scheidell@xxxxxxxxxx> writes: >> we've found local privilege escalation in Symantec LiveState agent. >> >> PoC: >> >> 1. kill shstart.exe process MS> Wouldn't you have to be administrator to kill shstart.exe? LocalSystem account has more privilegies then administrator's one. -- Yours sincerely, Eugeny. Doctor Web, Ltd. http://www.drweb.com