We recently reported on a proof-of-concept attack that could bypass a Windows system's User Account Control (UAC) and modify a PC without a trace.
UAC is an important Windows safeguard that prevents programs and processes from making changes to your computer without approval from an administrator.
But did you know that aside from your regular administrator account, there's a hidden "elevated" administrator account that is automatically created when Windows 10 is installed? This elevated admin account can run programs and commands with full administrator rights at all times, totally bypassing the UAC prompt boxes.
Windows typically uses this account for internal system-wide changes such as upgrading a Windows 7 PC to Windows 10. This enables the installer to do its thing automatically without requiring approval from UAC prompts. Once the system is updated, this elevated admin account returns to its hidden state and is disabled.
This built-in "super" administrator account is hidden for obvious security reasons. Since it could run everything without restrictions, it could make system changes unhindered, without alerting a user with UAC prompts.
Although there are ways to enable this super admin account, it is not advisable.
It may sound convenient, but it is actually a big security risk. Malware usually tries to take on the user rights of the account that is logged into a computer, so using a super elevated account can be disastrous. This built-in super admin account should remain hidden and disabled unless you are troubleshooting your PC and you have a pretty good idea of what you're doing.
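To confirm that the built-in account is still in its disabled state, the read-only PowerShell check below can be run from an administrator prompt. It is an added example, not part of the original article; the function name `Get-BuiltinAdminStatus` is hypothetical, and it assumes a Windows 10 machine that is not a domain controller, with the standard `Microsoft.PowerShell.LocalAccounts` module available.

```powershell
# Added audit example: reports the state of the built-in Administrator account.
# It only reads account and policy data and changes nothing.
function Get-BuiltinAdminStatus {
    # Find the account by its well-known RID (500) rather than by name,
    # because the built-in Administrator can be renamed.
    $admin = Get-LocalUser | Where-Object { $_.SID.Value -match '^S-1-5-21-.*-500$' }
    if (-not $admin) { throw 'No local account with RID 500 was found.' }

    # UAC policy "Admin Approval Mode for the Built-in Administrator account".
    # A value of 1 makes this account receive UAC prompts; missing or 0 means
    # everything it runs is elevated without a prompt.
    $key    = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $policy = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
    $filter = 0
    if ($policy -and $null -ne $policy.FilterAdministratorToken) {
        $filter = [int]$policy.FilterAdministratorToken
    }
    $approvalMode = ($filter -eq 1)

    # Summarise the result in terms of the risk described in the article.
    if (-not $admin.Enabled) {
        $finding = 'Disabled (expected state)'
    } elseif ($approvalMode) {
        $finding = 'Enabled, but UAC prompts apply to it'
    } else {
        $finding = 'Enabled and exempt from UAC prompts: disable unless troubleshooting'
    }

    [pscustomobject]@{
        Name              = $admin.Name
        Sid               = $admin.SID.Value
        Enabled           = $admin.Enabled
        LastLogon         = $admin.LastLogon        # empty if never used interactively
        PasswordLastSet   = $admin.PasswordLastSet
        AdminApprovalMode = $approvalMode
        Finding           = $finding
    }
}

Get-BuiltinAdminStatus | Format-List
```

A recent `LastLogon` value on a machine where nobody has been troubleshooting is worth investigating, since it means the account was enabled and used at some point.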