4. Vulnerability
• During importing an old .job file (from XP)
• First impersonates, then sets security on .job file after reverting
impersonation
• Sets DACL on .job allowing access to the user
5. Exploit
• Create hard link pointing the job file to a System file
• Trigger import of job file again leading to DACL on hard link target
instead