Vulnerability detected in Microsoft Windows 10

Vinay Kumar 1 Reputation point

With Windows 10, a junction directory can be created easily from a 'non-admin' account inside c:\Windows\System32.
Such actions would result in creation of junction directories UNKNOWINGLY (to Administrator) to random folders!!!

Creating the soft-link to 'c:\Windows\System32' requires admin privileges:

C:\Users\hacker>mklink c:\ProgramData\Hacker_test\test.txt c:\Windows\System32\sample.txt
Access is denied.

But creating a junction directory does not require any admin privileges, which is the SECURITY VULNERABILITY.

C:\Users\hacker>mklink /J c:\ProgramData\Hacker_test c:\Windows\System32
Junction created for c:\ProgramData\Hacker_test <<===>> c:\Windows\System32

So the higher privileged Windows Services running with NT AUTHORITY\SYSTEM privileges writing/reading logs/data/configuration can be redirected to any WINDOWS LOCATION (even to c:\Windows\System32) by a 'non-admin' user (using mklink /J).

Has Windows released any security patch for it?
If not, how can a Windows Service restrict creation of junction directories (by a 'non-admin' user) for the files (logs/data/configuration) to which it is writing/reading?

Any help would be greatly appreciated.



1 answer

  1. Xiaowei He 9,876 Reputation points


    It's recommended to send feedback to Microsoft with the Feedback Hub app:

    Thanks for your time!
    Best Regards,


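One way for a service or an administrator to check, before writing, whether any component of a log/data/configuration path is a junction or other reparse point, as asked in the question above. This is an added example, not part of the original thread; the function name Test-PathForReparsePoint and the sample file name service.log are hypothetical.

```powershell
# Added example: walk every component of a path and report reparse points
# (junctions, symbolic links) so a writer can refuse to follow them.
function Test-PathForReparsePoint {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [string]$Path
    )

    $full = [System.IO.Path]::GetFullPath($Path)
    $root = [System.IO.Path]::GetPathRoot($full)

    # Components below the root, e.g. ProgramData, Hacker_test, service.log
    $parts = $full.Substring($root.Length) -split '\\' | Where-Object { $_ }

    $findings = @()
    $current  = $root
    foreach ($part in $parts) {
        $current = Join-Path $current $part

        # -Force returns hidden/system items; the junction itself is returned,
        # not the directory it points to.
        $item = Get-Item -LiteralPath $current -Force -ErrorAction SilentlyContinue
        if (-not $item) { break }   # remaining components do not exist yet

        if ($item.Attributes -band [System.IO.FileAttributes]::ReparsePoint) {
            $findings += [pscustomobject]@{
                Path     = $current
                LinkType = $item.LinkType   # e.g. Junction or SymbolicLink
                Target   = $item.Target     # where writes would really land
            }
        }
    }
    $findings
}

# Hypothetical service log path under the directory from the question.
$hits = Test-PathForReparsePoint -Path 'C:\ProgramData\Hacker_test\service.log'
if ($hits) {
    $hits | Format-Table -AutoSize
    Write-Warning 'Path crosses a reparse point; do not write through it.'
}
```

This is a point-in-time check, so the directory's ACL still has to prevent non-admin users from creating or replacing entries in the path between the check and the write.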