Microsoft warns of easy Windows domain takeover via Active Directory bugs


Microsoft warned customers today to patch two Active Directory domain service privilege escalation security flaws that, when combined, allow attackers to easily take over Windows domains.

Redmond’s warning to immediately patch the two bugs – both allowing attackers to impersonate domain controllers – comes after a proof-of-concept tool that can leverage these vulnerabilities was shared on Twitter and GitHub on December 11.

“When combining these two vulnerabilities, an attacker can create a straightforward path to a Domain Admin user in an Active Directory environment that hasn’t applied these new updates,” Microsoft explains in an advisory published today.

“As always, we strongly advise deploying the latest patches on the domain controllers as soon as possible.”

Researchers who tested the PoC stated that they were able to easily use the tool to escalate privileges from a standard Active Directory user to a Domain Admin in default configurations.

Replace the marked area with the naming convention of your domain controllers.
