Anyone with even a passing familiarity with Windows has encountered the concept of
user accounts. We use accounts to log on to the system and to access resources on the
system and the network. Few have considered what an account really represents,
however, and that oversight is one of the most common security failings on most networks.
Quite simply, an account is a reference context in which the operating system executes
code. Put another way, all user-mode code executes in the context of a user account. Even some
code that runs automatically before anyone logs on (such as services) runs in the context
of an account (often as the special and all-powerful SYSTEM, or LocalSystem, account).
All commands invoked by the user who successfully authenticates using the account
credentials are run with the privileges of that user. Thus, the actions performed by
executing code are limited only by the privileges granted to the account that executes it.
The goal of the malicious hacker is to run code with the highest possible privileges. Thus,
the hacker must become the account with the highest possible privileges.
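
To see the account context of running code on a given machine, the following read-only PowerShell audit is an added example, not part of the original text. It assumes a Windows host with the built-in CIM classes Win32_Service and Win32_Process; the variable names and the cap of 15 processes are choices made for this illustration.

```powershell
# Added example: report which account running code executes as.
# Read-only; nothing on the system is changed.

# 1. The account context of this PowerShell session itself.
$identity  = [System.Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object System.Security.Principal.WindowsPrincipal($identity)
$elevated  = $principal.IsInRole(
    [System.Security.Principal.WindowsBuiltInRole]::Administrator)
"This session runs as {0} (elevated: {1})" -f $identity.Name, $elevated

# 2. Running services grouped by their logon account. StartName is
#    'LocalSystem' for the SYSTEM account described in the text.
$services = Get-CimInstance -ClassName Win32_Service -Filter "State = 'Running'"
$services |
    Group-Object -Property StartName |
    Sort-Object -Property Count -Descending |
    Select-Object -Property Count, Name |
    Format-Table -AutoSize

# 3. LocalSystem services whose binary lives outside the Windows directory.
#    These are the usual review candidates for a lower-privileged service account.
$windowsDir = $env:SystemRoot
$services |
    Where-Object {
        $_.StartName -eq 'LocalSystem' -and
        $_.PathName -and
        $_.PathName.Trim('"') -notlike "$windowsDir\*"
    } |
    Select-Object -Property Name, ProcessId, PathName |
    Format-Table -AutoSize -Wrap

# 4. Owner of the first 15 processes (cap chosen for this example).
#    GetOwner can fail for protected processes when the session is not
#    elevated, so a failure is reported instead of aborting the audit.
Get-CimInstance -ClassName Win32_Process |
    Select-Object -First 15 |
    ForEach-Object {
        $owner = Invoke-CimMethod -InputObject $_ -MethodName GetOwner `
                     -ErrorAction SilentlyContinue
        $account = if ($owner -and $owner.ReturnValue -eq 0) {
            "{0}\{1}" -f $owner.Domain, $owner.User
        } else {
            '<owner not readable from this context>'
        }
        [pscustomobject]@{ Pid = $_.ProcessId; Name = $_.Name; Account = $account }
    } |
    Format-Table -AutoSize
```

Run it once from a normal prompt and once from an elevated one: the first line of output and the number of process owners that can be read both change with the account context of the session.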