• 0Patch : Free Micropatches for 0-day “RemotePotato0” Microsoft ‘won’t fix’

    Home » Forums » AskWoody support » Windows » Windows 10 » Windows 10-other » 0Patch : Free Micropatches for 0-day “RemotePotato0” Microsoft ‘won’t fix’

    Author
    Topic
    #2418184

    https://blog.0patch.com/2022/01/free-micropatches-for-remotepotato0.html

    Back in April 2021, researcher Antonio Cocomazzi of Sentinel LABS and independent security researcher Andrea Pierini published an article titled Relaying Potatoes: Another Unexpected Privilege Escalation Vulnerability in Windows RPC Protocol. The article described a local privilege escalation vulnerability they had found in Windows and reported to Microsoft, who decided not to fix because “Servers must defend themselves against NTLM relay attacks.”

    As far as real world goes, many servers do not, in fact, defend themselves against NTLM relay attacks. Since the vulnerability is present on all supported Windows versions as of today (as well as all unsupported versions which we had security-adopted), we decided to fix it ourselves…

    1 user thanked author for this post.
    Reply To: 0Patch : Free Micropatches for 0-day “RemotePotato0” Microsoft ‘won’t fix’

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.