Blog | G5 Cyber Security

Bypassing Windows 10 UAC with mock folders and DLL hijacking

A new technique uses a simplified process of DLL hijacking and mock directories to bypass Windows 10’s UAC security feature and run elevated commands without alerting the user. In some cases, Windows treats a mock folder as the same folder as the real one it is named after. A mock directory is an imitation directory with a trailing space in its name and can be created from within the Windows Explorer UI. A simple script is enough to create one. To bypass UAC, the technique required at least some form of rewriting and recompiling of an existing DLL with the attacker’s payload.

Source: https://www.bleepingcomputer.com/news/security/bypassing-windows-10-uac-with-mock-folders-and-dll-hijacking/
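
A defender-side check for the mock-directory behaviour summarized above, as an added example that is not from the original article: it flags paths in which a directory component ends in a space and the path, once those spaces are stripped, falls under a trusted directory. The trusted-directory list, the tab-separated `Image=`/`ImageLoaded=` event format and the sample events are assumptions constructed for illustration.

```python
import ntpath  # Windows path rules, regardless of the OS running this script

# Assumption: directories treated as trusted locations; adjust per environment.
TRUSTED_DIRS = (r"c:\windows", r"c:\program files", r"c:\program files (x86)")

def imitated_trusted_dir(path):
    """Return the trusted directory that `path` imitates through a directory
    component with a trailing space, or None if it is not such a mock path."""
    drive, rest = ntpath.splitdrive(path.strip('"').replace("/", "\\"))
    dirs = [p for p in rest.split("\\") if p][:-1]  # drop the file name
    if not any(d.endswith(" ") for d in dirs):
        return None
    # Compare the path as it looks once the trailing spaces are stripped.
    cleaned = "\\".join([drive] + [d.rstrip(" ") for d in dirs]).lower()
    for trusted in TRUSTED_DIRS:
        if cleaned == trusted or cleaned.startswith(trusted + "\\"):
            return trusted
    return None  # padded component, but not imitating a trusted directory

def scan(lines, fields=("Image", "ImageLoaded")):
    """Yield (line_number, field, path, imitated_dir) for each mock path found
    in tab-separated key=value event lines (hypothetical log format)."""
    for number, line in enumerate(lines, start=1):
        for item in line.rstrip("\n").split("\t"):
            key, _, value = item.partition("=")
            if key in fields:
                hit = imitated_trusted_dir(value)
                if hit:
                    yield number, key, value, hit

# Constructed sample events (not from the page); file names are placeholders.
SAMPLE_EVENTS = [
    "2020-01-01T10:00:00\tImage=C:\\Windows\\System32\\example.exe"
    "\tImageLoaded=C:\\Windows\\System32\\example.dll",
    "2020-01-01T10:00:05\tImage=C:\\Windows \\System32\\example.exe"
    "\tImageLoaded=C:\\Windows \\System32\\example.dll",
    "2020-01-01T10:00:09\tImage=C:\\Users\\alice\\My Tools \\example.exe"
    "\tImageLoaded=C:\\Windows\\System32\\example.dll",
]

if __name__ == "__main__":
    for number, field, path, trusted in scan(SAMPLE_EVENTS):
        print(f"line {number}: {field}={path!r} imitates {trusted!r}")
```

Only the second sample event is reported; the third has a padded directory name but does not resolve under a trusted directory, so it is left alone.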
