Unpatched Windows Server vulnerability allows full domain compromise

A privilege escalation vulnerability in Windows Server 2025 can be used by attackers to compromise any user in Active Directory (AD), including Domain Admins. “The [“BadSuccessor”] attack exploits the delegated Managed Service Account (dMSA) feature that was introduced in Windows Server 2025, works with the default configuration, and is trivial to implement,” Akamai researcher Yuval Gordon warned. BadSuccessor attack technique explained The exploitable feature was introduced to help organizations replace the legacy non-managed service accounts … More → The post Unpatched Windows Server vulnerability allows full domain compromise appeared first on Help Net Security.
http://news.poseidon-us.com/TKwndX

Unpatched Windows Server vulnerability allows full domain compromise

Like this:

Related

More Posts

Supreme Court declines to reinstate independent agency board members fired by President Donald Trump

Supreme Court declines to reinstate independent agency board members fired by President Donald Trump

Oops: DanaBot Malware Devs Infected Their Own PCs

After years of growth, DoD cyber workforce braces for reductions

After years of growth, DoD cyber workforce braces for reductions

After years of growth, DoD cyber workforce braces for reductions

Organizational Planning 101: How to Make an Organizational Plan

House-passed reconciliation bill includes more changes to proposed federal benefits cuts

Macquarie BFS prepares its teams to work with AI agents

Amazon tests AI audio summaries for products

Share this:

Like this:

Related

More Posts