Microsoft: two new vulnerabilities

Two vulnerabilities have been uncovered in Microsoft Windows security protocols which could lead to password cracking and domain compromise, researchers have warned.

This week, the Preempt security team said the bugs were discovered in the Microsoft Windows NT LAN Manager (NTLM) security protocols, a security software suite which replaced the older Windows LAN Manager (LANMAN) platform.

According to Preempt, the vulnerabilities relate to different protocols handling NTLM improperly.

“These issues are particularly significant as they can potentially allow an attacker to create new domain administrator accounts even when best-practice controls such as LDAP server signing and RDP restricted admin mode are enabled,” the company says.

