433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | [email protected] | Office: (727) 493-2351
This has been brought to our attention by a reader (thank you, William!). The vulnerability %%cve:2022-38038%% affected the Microsoft Netlogon[1] procedure with an RPC escalation of privilege vulnerability. Microsoft provided a patch to fix it. It improves the Netlogon security by enforcing RPC sealing instead of signing off the communication with the Domain Controller. RPC sealing is a security measure that both signs and encrypts the messages sent over the wire by the Netlogon protocol. Microsoft released a knowledge base article[2] with more information about the technique used to fix the vulnerability.
http://news.poseidon-us.com/Sm9NDg