Slash Boxes

SoylentNews is people

Submission Preview

Link to Story

New Windows exploit lets you instantly become admin. Have you patched?

Accepted submission by Freeman at 2020-09-15 16:31:01 from the plugging the holes dept.
Security []

Researchers have developed and published a proof-of-concept exploit for a recently patched Windows vulnerability that can allow access to an organization’s crown jewels—the Active Directory domain controllers that act as an all-powerful gatekeeper for all machines connected to a network.

CVE-2020-1472, as the vulnerability is tracked, carries a critical severity rating [] from Microsoft as well as a maximum of 10 under the Common Vulnerability Scoring System. Exploits require that an attacker already have a foothold inside a targeted network, either as an unprivileged insider or through the compromise of a connected device.

Original Submission