Security News > 2019 > June > Critical Microsoft NTLM vulnerabilities allow remote code execution on any Windows machine
2019-06-11 16:57
The Preempt research team found two critical Microsoft vulnerabilities that consist of three logical flaws in NTLM, the company’s proprietary authentication protocol. These vulnerabilities allow attackers to remotely execute malicious code on any Windows machine or authenticate to any web server that supports Windows Integrated Authentication (WIA) such as Exchange or ADFS. The research shows that all Windows versions are vulnerable. The flaws allow attackers to bypass existing mitigations NTLM is susceptible to relay attacks, … More → The post Critical Microsoft NTLM vulnerabilities allow remote code execution on any Windows machine appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/Gwn5dXfPLhk/
Related news
- New Windows zero-day leaks NTLM hashes, gets unofficial patch (source)
- Microsoft: Recent Windows updates cause Remote Desktop issues (source)
- Microsoft fixes printing issues caused by January Windows updates (source)
- Mozilla warns Windows users of critical Firefox sandbox escape flaw (source)
- Microsoft: New Windows scheduled task will launch Office apps faster (source)
- Microsoft fixes Remote Desktop issues caused by Windows updates (source)
- OpenAI now pays researchers $100,000 for critical vulnerabilities (source)
- Microsoft's killing script used to avoid Microsoft Account in Windows 11 (source)
- Microsoft tests new Windows 11 tool to remotely fix boot crashes (source)
- New Windows 11 trick lets you bypass Microsoft Account requirement (source)