D
DelJo63
According to ZDnet.com:
Microsoft's Patch Tuesday updates for March deliver fixes for 75 security bugs, including patches for 15 critical flaws and a serious vulnerability that exposes sysadmins to credential theft.
See the original article for details
Microsoft's Patch Tuesday updates for March deliver fixes for 75 security bugs, including patches for 15 critical flaws and a serious vulnerability that exposes sysadmins to credential theft.
According to Preempt, this bug isn't an attacker's entry point, but rather a technique for lateral movement and privilege escalation after they've either gained physical access to the target's Wi-Fi network, or once they've exploited a remote code execution in a firm's routers, such as Cisco's severe ASA VPN bug which was patched through January and February.
"The attacker will set up the man-in-the-middle, wait for a CredSSP session to occur, and once it does, will steal session authentication and perform a Remote Procedure Call (DCE/RPC) attack on the server that the user originally connected to (eg, the server user connected with RDP)," explains Preempt researcher Yaron Zinar.
"The attacker will set up the man-in-the-middle, wait for a CredSSP session to occur, and once it does, will steal session authentication and perform a Remote Procedure Call (DCE/RPC) attack on the server that the user originally connected to (eg, the server user connected with RDP)," explains Preempt researcher Yaron Zinar.
See the original article for details