Azure Active Directory Pod Identity Spoofing Vulnerability (CVE-2021-1677)

Today, for its January 2021 Patch Tuesday, Microsoft released an important security update for Azure Active Directory Pod Identities. This vulnerability is known as CVE-2021-1677 and rated with CVSSv3.0 scores of 5.5/4.8 About the vulnerability The Azure AD pod identity feature enables users to assign identities to pods in Kubernetes clusters and fetch them from … Continue reading "Azure Active Directory Pod Identity Spoofing Vulnerability (CVE-2021-1677)"

On-premises Identity-related updates and fixes for December 2020

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the Identity-related updates and fixes we saw for December 2020:   Windows Server 2016 We observed the following update for Windows Server 2016: KB4593226 December 8, 2020 … Continue reading "On-premises Identity-related updates and fixes for December 2020"

Spoofing Vulnerability in DNS Resolver (SAD DNS, Important, CVE-2020-25705, ADV200013)

On December 8th, 2020, Microsoft issued an advisory for a spoofing vulnerability in the DNS Resolver component. Microsoft refers to the advisory as ADV200013. BleepingComputer.com references CVE-2020-25705 in relationship to this vulnerability. In the advisory notice, Microsoft guides DNS admins to limit the DNS UDP packet size to stop DNS cache poisoning attacks leveraging this … Continue reading "Spoofing Vulnerability in DNS Resolver (SAD DNS, Important, CVE-2020-25705, ADV200013)"

Windows Lock Screen Security Feature Bypass Vulnerability (Important, CVE-2020-17099, CVSSv3 6.8/5.9)

Yesterday, for its December 2020 Patch Tuesday, Microsoft released an important security update addressing a Windows Lock Screen Security Feature Bypass Vulnerability .   About the vulnerability An authenticated user has signed into a device and locks his or her active session. An attacker with physical access could then perform actions that would allow them … Continue reading "Windows Lock Screen Security Feature Bypass Vulnerability (Important, CVE-2020-17099, CVSSv3 6.8/5.9)"

Kerberos Security Feature Bypass Vulnerability (Important, CVE-2020-16996, CVSSv3 6.5/5.7)

Today, for its December 2020 Patch Tuesday, Microsoft released an important security update for Active Directory Domain Services (AD DS).   About the vulnerability A Kerberos Security Feature Bypass vulnerability exists in Microsoft’s implementation of the Kerberos network authentication protocol. This vulnerability is described in detail in CVE-2020-16996. If you use Protected Users and Resource-Based … Continue reading "Kerberos Security Feature Bypass Vulnerability (Important, CVE-2020-16996, CVSSv3 6.5/5.7)"

On-premises Identity-related updates and fixes for November 2020

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the Identity-related updates and fixes we saw for November 2020: Windows Server 2016 We observed the following updates for Windows Server 2016: KB4586830 November 10, 2020 The … Continue reading "On-premises Identity-related updates and fixes for November 2020"

Two vulnerabilities in VMware ESXi may lead to virtual Domain Controller compromise (Critical, VMSA-2020-0026, CVE-2020-4004, CVE-2020-4005)

Today, VMware released an update that addresses a use-after-free vulnerability in the XHCI USB controller (CVE-2020-4004) and a VMX elevation-of-privilege vulnerability CVE-2020-4005). Together these two vulnerabilities can be used to compromise virtual Domain Controllers running on ESXi. Note: The vulnerabilities exist in VMware Cloud Foundation, too. The two vulnerabilities were responsibly disclosed to VMware by … Continue reading "Two vulnerabilities in VMware ESXi may lead to virtual Domain Controller compromise (Critical, VMSA-2020-0026, CVE-2020-4004, CVE-2020-4005)"

Kerberos Security Feature Bypass Vulnerability (Important, CVE-2020-17049, CVSSv3 6.6)

Yesterday, for its November 2020 Patch Tuesday, Microsoft released an important security update for Active Directory Domain Services (AD DS).   About the vulnerability A Kerberos Security Feature Bypass vulnerability exists in Microsoft’s implementation of the Kerberos network authentication protocol. This vulnerability is described in detail in CVE-2020-17049. A security feature bypass vulnerability exists in … Continue reading "Kerberos Security Feature Bypass Vulnerability (Important, CVE-2020-17049, CVSSv3 6.6)"

On-premises Identity-related updates and fixes for October 2020

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the Identity-related updates and fixes we saw for October 2020:   Windows Server 2016 We observed the following updates for Windows Server 2016: KB4580346 October 13, 2020 … Continue reading "On-premises Identity-related updates and fixes for October 2020"

Group Policy Elevation of Privilege Vulnerability (CVE-2020-16939, Important)

On Tuesday October 13th 2020, Microsoft released updates for all supported versions of Windows and Windows Server to address an elevation of privilege vulnerability in Group Policy, marked as important. Its official common vulnerabilities and exposures (CVE) id is CVE-2020-16939. Yesterday, the Zero Day Initiative (ZDI) shared more details and a Proof of Concept (PoC). … Continue reading "Group Policy Elevation of Privilege Vulnerability (CVE-2020-16939, Important)"