Misconfigured service permissions may allow an attacker to do what on a Windows service?

• A. Start the service remotely
• B. Change service binary path
• C. Restart the service
• D. Modify or reconfigure the attributes associated with that service

Answer: (D)

Windows services are controlled by a configuration that defines how and under what context the service runs. If permissions on that service are misconfigured, an attacker can modify these attributes—such as the executable path, startup type, log-on account, dependencies, and other settings. Changing where the service points to run, when it starts, or under which user it operates enables persistence, potential privilege escalation, and evasion, since the service can be made to run malicious code or start automatically with higher privileges. That broad ability to alter the service’s configuration captures the main risk here. The other actions are possible under certain permissions, but they are specific instances of the broader problem of being able to reconfigure the service’s attributes.