
Windows NT Schedule Service
The Windows NT schedule service allows administrators to schedule batch jobs
to occur at specified times. Since the schedule service normally executes jobs
as the system account, it can be used to modify account privileges. It is also
disabled as part of the configuration needed to make a Windows NT machine C2
secure. Due to the fact that the schedule service requires administrator level
access to cause jobs to run, it is considered a low risk. The schedule service
can also be reconfigured to execute commands as a user with lower access
rights, which may be a good option for some sites.
Risk: Low
OS Vulnerable: Windows NT
Fix: Open Control Panel, Services and disable the schedule service.