ShyDrager
ShyDrager is a User Account Control (UAC) bypass vulnerability discovered in Microsoft Windows. It allows a local attacker to escalate privileges on a vulnerable system without triggering a UAC prompt. The vulnerability lies in the way Windows handles certain COM objects, specifically those associated with the `fodhelper.exe` process. By exploiting a flaw in COM object registration and interaction, an attacker can execute arbitrary code with elevated SYSTEM privileges.
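For detection, the sketch below is an added example (not code from the original page) that scans process-creation telemetry for elevated processes whose parent is `fodhelper.exe`. It assumes, beyond what the page states, that code run through the bypass appears as a child of `fodhelper.exe`, that events are exported as JSON lines using Sysmon Event ID 1 field names, and that `fodhelper.exe` has no legitimate elevated children in your environment; the function name and sample records are constructed.

```python
import json
from pathlib import PureWindowsPath

# Constructed sample: Sysmon Event ID 1 (process creation) records as JSON
# lines. Hosts, users and paths are invented; the last record is truncated.
SAMPLE_EVENTS = r"""
{"EventID": 1, "Computer": "WS-014", "User": "CORP\\alice", "Image": "C:\\Windows\\System32\\fodhelper.exe", "ParentImage": "C:\\Windows\\explorer.exe", "IntegrityLevel": "High"}
{"EventID": 1, "Computer": "WS-014", "User": "CORP\\alice", "Image": "C:\\Users\\alice\\AppData\\Local\\Temp\\updater.exe", "ParentImage": "C:\\Windows\\System32\\fodhelper.exe", "IntegrityLevel": "High"}
{"EventID": 1, "Computer": "WS-014", "User": "CORP\\alice", "Image": "C:\\Windows\\System32\\notepad.exe", "ParentImage": "C:\\Windows\\explorer.exe", "IntegrityLevel": "Medium"}
{"EventID": 1, "Computer": "WS-022", "User": "CORP\\bob", "Image": "C:\\Windows\\System32\\cmd.exe", "ParentImage": "C:\\WINDOWS\\system32\\FODHELPER.EXE", "IntegrityLevel": "High"}
{"EventID": 1, "Computer": "WS-022", "User": "CORP\\bob", "Image": "C:\\Tools\\view.exe", "ParentImage": "C:\\Tools\\fodhelper.exe.bak\\run.exe", "IntegrityLevel": "High"}
{"EventID": 1, "Computer": "WS-030", "User": "CORP\\c
"""

WATCHED_PARENT = "fodhelper.exe"   # binary named on the page
ELEVATED = {"high", "system"}      # integrity levels treated as elevated

def find_elevated_children(raw_events):
    """Return one alert per elevated process created by fodhelper.exe."""
    alerts = []
    for line in raw_events.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip truncated or corrupt records instead of aborting
        if not isinstance(ev, dict) or ev.get("EventID") != 1:
            continue
        # Compare the file name only, case-insensitively, so a directory that
        # merely contains the string "fodhelper.exe" does not match.
        parent = PureWindowsPath(ev.get("ParentImage", "")).name.lower()
        if parent != WATCHED_PARENT:
            continue
        if str(ev.get("IntegrityLevel", "")).lower() not in ELEVATED:
            continue
        alerts.append({"host": ev.get("Computer"), "user": ev.get("User"),
                       "child": ev.get("Image")})
    return alerts

if __name__ == "__main__":
    for alert in find_elevated_children(SAMPLE_EVENTS):
        print("ALERT elevated child of fodhelper.exe:", alert)
```

Baseline the rule against normal activity before alerting on it, since the no-legitimate-children assumption may not hold on every build.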
The bypass works by creating a specially crafted registry key that points to a malicious executable. When
Exploitation of ShyDrager typically involves downloading and running a malicious payload that then sets up the