0Patch comes through again, this time on a no CVE 0-day:
“Forced authentication issues (including NTLM relaying and Kerberos relaying) are a silent elephant in the room in Windows networks, where an attacker inside the network can force a chosen computer in the same network to perform authentication over the network such that the attacker can intercept its request. In the process, the attacker obtains some user’s or computer account’s credentials and can then use these to perform actions with the ‘borrowed’ identity.”
“Alas, Microsoft’s position seems to be not to fix forced authentication issues unless an attack can be mounted anonymously; their fix for PetitPotam confirms that – they only addressed the anonymous attack vector. In other words:
“If any domain user in a typical enterprise network should decide to become domain administrator, no official patch will be made available to prevent them from doing so.”
——
“Hmm! Velly intelesting…”
Win7 Pro SP1 64-bit, Dell Latitude E6330 ("The Tank"), Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Newbie
--
"The more kinks you put in the plumbing, the easier it is to stop up the pipes." -Scotty
