The exploit has been well documented for some time, but regular users might be a bit surprised at just how easy it is to compromise a machine you have brief access to. An article published by Carnal0wnage describes replacing "Sticky Keys" on the Windows 7 login screen with the command-line executable, which essentially could let a user make all hell break loose.
It's as simple as briefly gaining access to an elevated command prompt on a workstation and typing the following command:
REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sethc.exe" /v Debugger /t REG_SZ /d "C:\windows\system32\cmd.exe"
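
To check a workstation for this change, the following PowerShell audit (an added example, not from the Carnal0wnage article) looks for a Debugger value under Image File Execution Options for sethc.exe. It assumes the same registry value is worth checking on the other accessibility binaries reachable from the login screen and under the 32-bit registry view; that wider list is this example's generalisation, not the article's.

```powershell
# Added example: audit Image File Execution Options (IFEO) for a "Debugger"
# value on accessibility binaries that can be started from the login screen.
# Only sethc.exe comes from the article; the other image names and the
# WOW6432Node path are assumptions added to widen the check.

$ifeoRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
)
$targets = 'sethc.exe', 'utilman.exe', 'osk.exe', 'magnify.exe',
           'narrator.exe', 'displayswitch.exe', 'atbroker.exe'

function Get-IfeoDebuggerFinding {
    param(
        [string[]]$Roots  = $ifeoRoots,
        [string[]]$Images = $targets
    )
    foreach ($root in $Roots) {
        foreach ($image in $Images) {
            $key = Join-Path $root $image
            # Most systems have no IFEO subkey for these images at all.
            if (-not (Test-Path -LiteralPath $key)) { continue }

            # Read only the Debugger value; a missing value yields $null.
            $value = (Get-ItemProperty -LiteralPath $key -Name Debugger `
                        -ErrorAction SilentlyContinue).Debugger
            if ($null -ne $value) {
                [pscustomobject]@{
                    Image    = $image
                    Key      = $key
                    Debugger = $value
                }
            }
        }
    }
}

$findings = @(Get-IfeoDebuggerFinding)
if ($findings.Count -eq 0) {
    Write-Output 'No Debugger values set on the audited accessibility binaries.'
} else {
    # Print every hit and return a non-zero exit code for scheduled checks.
    $findings | Format-List
    exit 1
}
```

A hit on sethc.exe is exactly the state the REG ADD command above creates, so any finding warrants investigation of who had elevated access to the machine.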