2 Eleventh Hour Security : Exam SY0-201 Study Guide Privilege escalation can be a legitimate action. Users can also gain elevated privileges by exploiting vulnerabilities in software (bugs or backdoors) or system misconfigurations. Bugs are errors in software, causing the program to function in a manner that wasn't intended. Backdoors are methods of accessing a system in a manner that bypasses normal authentication methods. System misconfigurations include such items as adding a user to a privi- leged group (such as the Administrator group in Active Directory) or leav- ing the root password blank or easily guessable. Viruses and worms Malicious software has appeared in many forms over the decades, but the problem has increased substantially as more computers and devices are able to communicate with one another. Before networks were commonplace, a person transferring data needed to physically transport software between machines, often using floppy dis- kettes or other removable media. To infect additional machines, the malicious software would have to write itself to the media without the user's knowledge. With the widespread use of networking, exploitable vulnerabilities, file sharing, and e-mail attachments made it much easier for malware to disseminate. There are many different types of malicious code that are written with the intention of causing damage to systems, software, and data--two of the most common forms are viruses and worms. VIRUSES A computer virus is defined as a self-replicating computer program that interferes with a computer's hardware, software, or OS. A virus's primary purpose is to create a copy of itself. Viruses contain enough information to replicate and perform other damage, such as deleting or corrupting important files on your system. A virus must be executed to function (it must be loaded into the computer's memory) and then the computer must follow the virus's instructions. The instructions of the virus constitute its payload . The payload may disrupt or change data files, display a message, or cause the OS to malfunction. A virus can replicate by writing itself to removable media, hard drives, legitimate computer programs, across the local network, or even through- out the Internet.