Microsoft Rushes Fix for ‘PetitPotam’ Attack PoC

Microsoft was quick to respond with a fix to an attack dubbed “PetitPotam” that could force remote Windows systems to reveal password hashes that could then be easily cracked. To thwart an attack, Microsoft recommends system administrators stop using the now deprecated Windows NT LAN Manager NTLM...

Mitigating NTLM Relay Attacks on Active Directory Certificate Services (AD CS)

Summary Microsoft is aware of PetitPotam which can potentially be used in an attack on Windows domain controllers or other Windows servers. PetitPotam is a classic NTLM Relay Attack, and such attacks have been previously documented by Microsoft along with numerous mitigation options to protect...

KLA12248 Microsoft Advisory (ESU) for Active Directory Certificate Services

Microsoft is aware of PetitPotam which can potentially be used in an attack on Windows domain controllers or other Microsoft Products Extended Security Update.To prevent NTLM Relay Attacks on networks with NTLM enabled, domain administrators must ensure that services that permit NTLM authenticati...

KLA12244 Microsoft Advisory for Active Directory Certificate Services

Microsoft is aware of PetitPotam which can potentially be used in an attack on Windows domain controllers or other Windows servers.To prevent NTLM Relay Attacks on networks with NTLM enabled, domain administrators must ensure that services that permit NTLM authentication make use of protections...

MS09-042: Vulnerability in Telnet could allow remote code execution

MS09-042: Vulnerability in Telnet could allow remote code execution Support for Windows Vista Service Pack 1 SP1 ends on July 12, 2011. To continue receiving security updates for Windows, make sure you're running Windows Vista with Service Pack 2 SP2. For more information, refer to this Microsoft...

Security feature bypass

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to bypass Extended Protection for Authentication when Kerberos fails to prevent tampering with...

CVE-2017-8495

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to bypass Extended Protection for Authentication when Kerberos fails to prevent tampering with...

Kerberos SNAME Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists in Microsoft Windows when Kerberos fails to prevent tampering with the SNAME field during ticket exchange. An attacker who successfully exploited this vulnerability could use it to bypass Extended Protection for Authentication. To exploit this...

Windows Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully forward an authentication request to a Windows LDAP server, such as a system running Active Directory Domain Services AD DS or Active Directory Lightweight Directory...

Microsoft IIS memory corruption

Memory corruption if Extended Protection for Authentication is enabled...

Microsoft IIS Authentication Remote Code Execution Vulnerability (982666)

This host is missing an important security update according to Microsoft Bulletin MS10-040. OpenVAS Vulnerability Test $Id: secpodms10-040.nasl 6605 2017-07-07 11:22:07Z cfischer $ Microsoft IIS Authentication Remote Code Execution Vulnerability 982666 Authors: Sooraj KS Updated By: Madhuri D on...

Microsoft IIS Authentication Remote Code Execution Vulnerability (982666)

This host is missing an important security update according to Microsoft Bulletin MS10-040. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2010-1256

CVE-2010-1256 is an IIS memory-corruption vulnerability (IIS 6.0/7.0/7.5) tied to Extended Protection for Authentication. A remote attacker could execute arbitrary code by abusing how authentication information is parsed, when Extended Protection is enabled (KB973917). Microsoft MS10-040 fixes th...

CVE-2010-1256

Unspecified vulnerability in Microsoft IIS 6.0, 7.0, and 7.5, when Extended Protection for Authentication is enabled, allows remote authenticated users to execute arbitrary code via unknown vectors related to "token checking" that trigger memory corruption, aka "IIS Authentication Memory Corrupti...

PT-2010-2961 · Microsoft · Iis

Name of the Vulnerable Software and Affected Versions: Microsoft IIS versions 6.0 through 7.5 Description: The issue allows remote authenticated users to execute arbitrary code via unknown vectors related to "token checking" that trigger memory corruption. Recommendations: For Microsoft IIS...