This article is gear more towards internal threats. The article points out the local system admins can hijack privileged windows user session without passwords. For instance, the CFO has his desktop/laptap containing sensitive financial data. He went out for lunch and locked his computer, as required my company’s policy. A local administrator could essentially remote in or if had access to the physical machine his own credential and hijack the CIOs session, giving him access to the sensitive data.
The article is pretty interesting and there is Demo video attached.