Security News > 2021 > December > Active Directory Bugs Could Let hackers Take Over Windows Domain Controllers

Active Directory Bugs Could Let hackers Take Over Windows Domain Controllers
2021-12-22 08:50

Microsoft is urging customers to patch two security vulnerabilities in Active Directory domain controllers that it addressed in November following the availability of a proof-of-concept tool on December 12.

The two vulnerabilities - tracked as CVE-2021-42278 and CVE-2021-42287 - have a severity rating of 7.5 out of a maximum of 10 and concern a privilege escalation flaw affecting the Active Directory Domain Services component.

Credited with discovering and reporting both the bugs is Andrew Bartlett of Catalyst IT. Active Directory is a directory service that runs on Microsoft Windows Server and is used for identity and access management.

While CVE-2021-42278 enables an attacker to tamper with the SAM-Account-Name attribute - which is used to log a user into systems in the Active Directory domain, CVE-2021-42287 makes it possible to impersonate the domain controllers.

"When combining these two vulnerabilities, an attacker can create a straightforward path to a Domain Admin user in an Active Directory environment that hasn't applied these new updates," Microsoft's senior product manager Daniel Naim said.

"As always, we strongly advise deploying the latest patches on the domain controllers as soon as possible," Microsoft said.


News URL

https://thehackernews.com/2021/12/active-directory-bugs-could-let-hackers.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2021-11-10 CVE-2021-42287 Unspecified vulnerability in Microsoft products
Active Directory Domain Services Elevation of Privilege Vulnerability
network
high complexity
microsoft
7.5
2021-11-10 CVE-2021-42278 Unspecified vulnerability in Microsoft products
Active Directory Domain Services Elevation of Privilege Vulnerability
network
high complexity
microsoft
7.5