all InfoSec news
Microsoft Netlogon: Potential Upcoming Impacts of CVE-2022-38023, (Sat, Apr 8th)
Malware Analysis, News and Indicators - Latest topics malware.news
This has been brought to our attention by a reader (thank you, William!). The vulnerability %%cve:2022-38038%% affected the Microsoft Netlogon[1] procedure with an RPC escalation of privilege vulnerability. Microsoft provided a patch to fix it. It improves the Netlogon security by enforcing RPC sealing instead of signing off the communication with the Domain Controller. RPC sealing is a security measure that both signs and encrypts the messages sent over the wire by the Netlogon protocol. Microsoft released a knowledge base …
article attention base communication cve cve-2022-38023 domain domain controller escalation fix information knowledge knowledge base measure messages microsoft netlogon patch privilege procedure protocol reader rpc sat security signing upcoming vulnerability wire