Windows NT Schedule Service contents.gifindex.gif

Windows NT Schedule Service

The Windows NT schedule service allows administrators to schedule batch jobs to occur at specified times. Since the schedule service normally executes jobs as the system account, it can be used to modify account privileges. It is also disabled as part of the configuration needed to make a Windows NT machine C2 secure. Due to the fact that the schedule service requires administrator level access to cause jobs to run, it is considered a low risk. The schedule service can also be reconfigured to execute commands as a user with lower access rights, which may be a good option for some sites.

Risk: Low

OS Vulnerable: Windows NT

Fix: Open Control Panel, Services and disable the schedule service.