Microsoft Windows LSA Spoofing Vulnerability

Microsoft Windows Local Security Authority LSA contains a spoofing vulnerability where an attacker can coerce the domain controller to authenticate to the attacker using NTLM...

Microsoft Patch Tuesday May 2022: Edge RCE, PetitPotam LSA Spoofing, bad patches

Hello everyone! This episode will be about Microsoft Patch Tuesday for May 2022. Sorry for the delay, this month has been quite intense. As usual, Im using my Vulristics project and going through not only the vulnerabilities that were presented on May 10th, but all the MS vulnerabilities presente...

Three zero-days addressed in Microsoft’s May 2022 Patch Tuesday

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Microsoft addressed 74 vulnerabilities in their May 2022 Patch Tuesday Security Update. Three of them are zero-days, and one is being exploited in the wild. The LSA Spoofing vulnerability CVE-2022-26925 is actively exploited i...

Update now! Microsoft releases patches, including one for actively exploited zero-day

Microsoft has released patches for 74 security problems, including fixes for seven “critical” vulnerabilities, and an actively exploited zero-day vulnerability that affects all supported versions of Windows. First, well look at the actively exploited zero-day. Then well discuss two zero-days that...

CVE-2022-26925

Windows LSA Spoofing Vulnerability...

CVE-2022-26925

Windows LSA Spoofing Vulnerability...

CVE-2022-26925 Windows LSA Spoofing Vulnerability

...

CVE-2022-26925

Windows LSA Spoofing Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

CVE-2021-36942

Windows LSA Spoofing Vulnerability...

CVE-2021-36942

Windows LSA Spoofing Vulnerability...

CVE-2021-36942 Windows LSA Spoofing Vulnerability

...

CVE-2021-36942

Windows LSA Spoofing Vulnerability Recent assessments: jbaines-r7 at January 25, 2022 4:35pm UTC reported: Recently, I was attempting to combine James Forshaw’s remote EFSRPC file write “bug” with a local privilege escalation that I’d discovered. I was getting strange results. Working on one...

Patch Tuesday - August 2021

Hot off the press, it’s another issue of the Patch Tuesday blog! While the number of vulnerabilities is low this month, there are a number of high risk items administrators will want to patch right away including a few that will require additional remediation steps. This Patch Tuesday also includ...

Microsoft and Adobe Patch Tuesday (August 2021) – Microsoft 51 Vulnerabilities with 7 Critical, Adobe 29 Vulnerabilities

Microsoft Patch Tuesday – August 2021 Microsoft patched 51 vulnerabilities in their August 2021 Patch Tuesday release, and 7 of them are rated as critical severity. Three 0-day vulnerability patches were included in the release. Critical Microsoft Vulnerabilities Patched CVE-2021-36942 - Windows...

Windows LSA Spoofing Vulnerability

...

Check Point response to OSPF LSA spoofing vulnerability (CVE-2013-0149, CVE-2013-7311)

...