I mainly use Linux, so I’m not well-versed in how Windows and its privileges work. I’ve recently learned to use Metasploit and Meterpreter on Windows boxes.
This answer has given an overview of how Meterpreter migrates on Windows.
This article has addressed process migration on Linux.
- What allows process migration to work?
- What are the main differences between Windows and Linux in process migration?
- Is this migration a feature or a vulnerability?
- How can I defend against it?
- Should I try to prevent process migration?