Beware of the Windows Active Directory privilege escalation vulnerability

Microsoft has released a security patch to fix the Windows Active Directory privilege escalation vulnerability, which it says was in Microsoft SQL Server 2016 and 2017. The software update addresses two vulnerabilities that hackers can exploit by using valid credentials from an account with administrative rights or higher privileges on a domain-joined computer.

The “Windows Active Directory privilege escalation vulnerability” is a serious threat that has been present for a while. Microsoft has released patches to fix the issue.



Author: Alexandru Poloboc, News Editor


  • Microsoft is issuing a security alert to its customers about yet another exploited vulnerability.
  • Attackers may compromise your system by exploiting CVE-2021-42287 and CVE-2021-42278.
  • Third parties with malicious intent may easily get Domain Admin credentials in Active Directory.
  • The IT behemoth is now urging everyone to upgrade to the latest secure versions.


You should be aware that the Redmond-based tech firm has released an alert regarding various vulnerabilities that it has previously addressed but that are currently being exploited on unpatched systems.

A proof-of-concept program exploiting these vulnerabilities was publicly revealed a little over a week ago, on December 12.

Microsoft is advising users to address these flaws.

As you may recall, Microsoft provided a remedy for two new vulnerabilities, CVE-2021-42287 and CVE-2021-42278, during the November security update cycle.

Both of these flaws are classified as privilege escalation vulnerabilities in the Windows Active Directory domain service.

After compromising an ordinary user account, these flaws enable hostile third parties to quickly obtain Domain Admin rights in Active Directory.

The following three patches were provided by Redmond for instant deployment on domain controllers:


However, although the aforementioned fixes have been available for some time, a proof-of-concept program that exploits these vulnerabilities was publicly released only on December 12.

The Microsoft research team moved quickly and released a query that may be used to spot unusual activity that exploits these flaws.

This query looks for abnormal device name changes (which should happen seldom to begin with) and compares them to a list of domain controllers in your environment.
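The comparison described above can be sketched over exported rename records. This is an added example, not Microsoft's query; the `RenameEvent` record shape, the function names and the sample data are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime


@dataclass(frozen=True)
class RenameEvent:
    """One account-rename record exported from your directory audit source."""
    timestamp: datetime
    actor: str      # account that performed the rename
    old_name: str
    new_name: str


def normalize(name: str) -> str:
    """Reduce 'CORP\\DC01$', 'dc01.corp.example' and 'DC01' to 'dc01'."""
    name = name.strip().rsplit("\\", 1)[-1]   # drop a DOMAIN\ prefix
    name = name.split(".", 1)[0]              # drop a DNS suffix
    return name.rstrip("$").casefold()        # drop the computer-account '$'


def find_dc_name_collisions(events, domain_controllers):
    """Return rename events whose new name matches a known domain controller."""
    dc_names = {normalize(dc) for dc in domain_controllers}
    hits = [e for e in events if normalize(e.new_name) in dc_names]
    return sorted(hits, key=lambda e: e.timestamp)


# Constructed sample data (not taken from a real environment).
DOMAIN_CONTROLLERS = ["DC01", "dc02.corp.example"]
SAMPLE_EVENTS = [
    RenameEvent(datetime(2021, 12, 13, 9, 14), "CORP\\jdoe", "WKSTN-0421$", "dc01"),
    RenameEvent(datetime(2021, 12, 13, 9, 2), "CORP\\helpdesk", "LAPTOP-OLD$", "LAPTOP-NEW$"),
    RenameEvent(datetime(2021, 12, 13, 8, 47), "CORP\\svc-build", "SRV-TMP$", "CORP\\DC02$"),
    RenameEvent(datetime(2021, 12, 13, 10, 30), "CORP\\helpdesk", "DC01-TEST$", "DC010$"),
]

if __name__ == "__main__":
    for e in find_dc_name_collisions(SAMPLE_EVENTS, DOMAIN_CONTROLLERS):
        print(f"{e.timestamp:%Y-%m-%d %H:%M} {e.actor}: {e.old_name} -> {e.new_name}")
```

Normalizing case, domain prefix, DNS suffix and the trailing `$` before comparing keeps a formatting difference from hiding a match against the domain controller list.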

If you believe you are a victim of one of the aforementioned instances, make sure you thoroughly investigate all of the information.

Most importantly, update to the patched versions supplied by Microsoft to ensure that you are always one step ahead of any possible risks.

Do you believe your system has been hacked by threat actors? Please let us know what you think in the comments area below.

