Security News > 2019 > June > Critical Microsoft NTLM vulnerabilities allow remote code execution on any Windows machine
2019-06-11 16:57
The Preempt research team found two critical Microsoft vulnerabilities that consist of three logical flaws in NTLM, the company’s proprietary authentication protocol. These vulnerabilities allow attackers to remotely execute malicious code on any Windows machine or authenticate to any web server that supports Windows Integrated Authentication (WIA) such as Exchange or ADFS. The research shows that all Windows versions are vulnerable. The flaws allow attackers to bypass existing mitigations NTLM is susceptible to relay attacks, … More → The post Critical Microsoft NTLM vulnerabilities allow remote code execution on any Windows machine appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/Gwn5dXfPLhk/
Related news
- HPE Issues Critical Security Patches for Aruba Access Point Vulnerabilities (source)
- Microsoft blames Windows Server 2025 automatic upgrades on 3rd-party tools (source)
- Microsoft fixes bugs causing Windows Server 2025 blue screens, install issues (source)
- Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler Bugs (source)
- OvrC Platform Vulnerabilities Expose IoT Devices to Remote Attacks and Code Execution (source)
- Patch Tuesday: Four Critical Vulnerabilities Paved Over (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Microsoft just killed the Windows 10 Beta Channel again (source)
- Microsoft just killed the Windows 10 Beta Channel for good (source)
- Critical vulnerabilities persist in high-risk sectors (source)