Microsoft Windows 10 UAC Protection Bypass Via Windows Store

Posted on 06 September 2019

This Metasploit module exploits a flaw in the WSReset.exe Windows Store Reset Tool. The tool is run with the "autoElevate" property set to true, however it can be moved to a new Windows directory containing a space (C:Windows System32) where, upon execution, it will load our payload dll (propsys.dll).