Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Near-Ubiquitous Critical Microsoft RCE Bugs Affect All Versions of Windows
#1
Quote:Two critical Microsoft vulnerabilities, CVE-2019-1040 and CVE-2019-1019, would allow attackers to remotely execute malicious code on any Windows machine or authenticate to any web server that supports Windows Integrated Authentication (WIA) such as Exchange or ADFS.
 
According to researchers at Preempt, who discovered the flaws, the two CVEs consist of three logical flaws in NTLM, the company’s proprietary authentication protocol. A successful exploit would allow an attacker to read all users’ emails; authenticate to any cloud resource that is controlled by ADFS; remotely execute code on any machine the victim has privileges on; and modify various network configuration to create backdoors.
 
“NTLM is susceptible to relay attacks, which allows actors to capture an authentication and relay it to another server, granting them the ability to perform operations on the remote server using the authenticated user’s privileges,” they explained in a write-up released Tuesday and shared with Threatpost ahead of publication. “NTLM Relay is one of the most common attack techniques used in Active Directory environments, where the attacker compromises one machine, then moves laterally to other machines by using NTLM authentication directed at the compromised server.”

Read more here: https://threatpost.com/critical-microsof...ws/145572/
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
The slowest Meteor Lake spotted: Intel C...
Intel Core Ultra 5...harlan4096 — 12:47
Microsoft Edge fixes 0-day vulnerability...
Microsoft released...harlan4096 — 10:12
AnyDesk 8.0.9
AnyDesk 8.0.9:   ...harlan4096 — 10:10
AMD Confirms RDNA 3+ GPU Architecture F...
AMD Zen5-based Strix...harlan4096 — 10:08
Adobe Acrobat Reader DC 24.001.20629 (Op...
Adobe Acrobat Read...harlan4096 — 10:06

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>