Microsoft Netlogon: Potential Upcoming Impacts of CVE-2022-38023, (Sat, Apr 8th)

This has been brought to our attention by a reader (thank you, William!). The vulnerability %%cve:2022-38038%% affected the Microsoft Netlogon[1] procedure with an RPC escalation of privilege vulnerability. Microsoft provided a patch to fix it. It improves the Netlogon security by enforcing RPC sealing instead of signing off the communication with the Domain Controller. RPC sealing is a security measure that both signs and encrypts the messages sent over the wire by the Netlogon protocol. Microsoft released a knowledge base article[2] with more information about the technique used to fix the vulnerability.
http://news.poseidon-us.com/Sm9NDg

Microsoft Netlogon: Potential Upcoming Impacts of CVE-2022-38023, (Sat, Apr 8th)

Like this:

Related

More Posts

Exploit attempts for unpatched Citrix vulnerability, (Mon, Nov 18th)

Navigating the compliance labyrinth: A CSO’s guide to scaling security

Transforming code scanning and threat detection with GenAI

Taming Technology Chaos: Dell’s Innovative Recovery Solution

Cyber security bill recommended for 'urgent' parliamentary approval

Future Face of Tech Leadership: Mastering the ‘Trifecta of Disruption’

Evaluating GRC tools

ScubaGear: Open-source tool to assess Microsoft 365 configurations for security gaps

How and where to report cybercrime: What you need to know

ISC Stormcast For Monday, November 18th, 2024 https://isc.sans.edu/podcastdetail/9222, (Mon, Nov 18th)

Share this:

Like this:

Related

More Posts