List of software quality issues with the number of affected components.
category ALL
Policies
Info
Category
Detected presence of software components that can tamper with the system security settings.
hunting
Problem
Software components sometimes need to interact with higher privilege parts of the operating system, often requiring administrative access to accomplish a task. System security settings are the first line of defense against the most common attack vectors. For that reason, attackers often aim to tamper with system security settings. Disabling User Access Controls (UAC) and other security settings enables malicious code to execute without being blocked. While the presence of code that tampers with system security settings does not necessarily imply malicious intent, all of its uses in a software package should be documented and approved. Only select applications should consider using functions that interact with system security settings. One example of acceptable use for such functions is allowing specialized applications to install as services that monitor the operating system events.Prevalence in npm community
0 packages
found in
Top 100
0 packages
found in
Top 1k
2 packages
found in
Top 10k
718 packages
in community
Next steps
Investigate reported detections as indicators of software tampering.
Consult Mitre ATT&CK documentation: T1562.001 - Disable or Modify Tools.
Consider rewriting the flagged code without using the marked behaviors.