New Windows Vulnerability…

Sharing is Caring!

Microsoft has shared guidance to help admins defend their Windows enterprise environments against KrbRelayUp attacks that enable attackers to gain SYSTEM privileges on Windows systems with default configurations.

Attackers can launch this attack using the KrbRelayUp tool developed by security researcher Mor Davidovich as an open-source wrapper for Rubeus, KrbRelay, SCMUACBypass, PowerMad/SharpMad, Whisker, and ADCSPwn privilege escalation tools.

See also  Microsoft to Introduce an Ever Present AI Agent to Windows

Since late April 2022, when the tool was first shared on GitHub, threat actors could escalate their permissions to SYSTEM in Windows domain environments with default settings (where LDAP signing is not enforced).

We are primarily funded by readers. Please subscribe and donate to support us!
See also  RAGHURAM G. RAJAN: 'The time has come to consider whether monetary policy is the systemic force that created systemic vulnerability in the first place.'

Davidovich released an updated version of KrbRelayUp on Monday that also works when LDAP signing is enforced and will provide attackers with SYSTEM privileges if Extended Protection for Authentication (EPA) for Active Directory Certificate Services (AD CS) is not enabled.


Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.