Killing LANDesk ISSUser and Access Denied.

So in the last day, A buddy of mine pointed out an issue with LanDesk ISSUR. I got to a stopping point but basically when you try to Kill the process while it is in a hung state it. So my thoughts were the ACL in memory for the process was adjusted to prevent administrators from killing the process. After running this code I found the process does not even have a handle to begin pulling its ACL. Interesting trick, Something that warrants further research.

Update: I am unable to get access to the process handle due to the ACL’s I must escalate to system first before this API will work.
Src: Also an interesting read.

Leave a comment

Your email address will not be published. Required fields are marked *